The WebSphere Liberty Server must protect log information from unauthorized access or changes.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-250328 | IBMW-LS-000260 | SV-250328r960933_rule | Medium |
| Description |
| STIG | Date |
| IBM WebSphere Liberty Server Security Technical Implementation Guide | 2025-02-11 |
Details
| Check Text (C-53763r795035_chk) |
| As a user with local file access to ${server.config.dir}/logs, verify the following audit log files have the correct file permissions of 660. audit.log messages.log console.log trace.log (if it exists) If the file permissions for these files are not set to 660, this is a finding. |
| Fix Text (F-53717r795036_fix) |
| As a user with local file access to ${server.config.dir}/logs, use the chmod command to configure the following log files to have the correct file permissions of 660. chmod 660 <filename.log> audit.log messages.log console.log trace.log (if it exists) |