Set Proper Permissions
Another common-sense defense for protecting critical system logging and accounting is to set proper permissions on the log files, as well as (for UNIX systems) utmp, wtmp, lastlog, and users' shell histories. While particular permissions vary depending on the operating system, you should configure your system to allow for the minimum possible read and write access of log files. In particular, security and kernel logs should be set to be read and written only by root, if your UNIX flavor allows such tight permissions. Some variants of UNIX require that particular log files be writeable by particular accounts other than root. If this is the case for your flavor of UNIX, make sure that you configure the minimal permissions necessary for logging to function properly.