{"description": "All <tt>httpd</tt> logs must be owned by root user and group. By default,\nthe path for httpd logs is <tt>/var/log/httpd/</tt>\n\nTo properly set the owner of <code>/var/log/httpd</code>, run the command:\n\n  <pre>$ sudo chown root /var/log/httpd </pre>\n  \n\n\nTo properly set the owner of <code>/var/log/httpd/*</code>, run the command:\n\n  <pre>$ sudo chown root /var/log/httpd/* </pre>\n  ", "rationale": "A major tool in exploring the web site use, attempted use, unusual conditions,\nand problems are the access and error logs. In the event of a security incident,\nthese logs can provide the SA and the web administrator with valuable\ninformation. Because of the information that is captured in the logs, it is\ncritical that only authorized individuals have access to the logs.", "severity": "medium", "references": {}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": null, "ocil": "\nTo properly set the owner of <code>/var/log/httpd</code>, run the command:\n\n  <pre>$ sudo chown root /var/log/httpd </pre>\n  \n\n\nTo properly set the owner of <code>/var/log/httpd/*</code>, run the command:\n\n  <pre>$ sudo chown root /var/log/httpd/* </pre>\n  ", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "HTTPD Log Files Must Be Owned By Root", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/http_configure_log_file_ownership/rule.yml", "template": null}