STIGQter: STIG Summary: SLES 12 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: SLES 12 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:SV-217188r646734_rule
V-217188
SRG-OS-000206-GPOS-00084
SLES-12-010890
CAT II
10
Configure the SUSE operating system to prevent unauthorized users from accessing system error messages.
Add or update the following rules in "/etc/permissions.local":
/var/log/messages root:root 640
Set the correct permissions with the following command:
> sudo chkstat --set --system
Verify that the SUSE operating system prevents unauthorized users from accessing system error messages.
Check the "/var/log/messages" file permissions with the following comand:
> sudo stat -c "%n %U:%G %a" /var/log/messages
/var/log/messages root:root 640
Check that "permissions.local" file contains the correct permissions rules with the following command:
> grep -i messages /etc/permissions.local
/var/log/messages root:root 640
If the effective permissions do not match the "permissions.local" file, the command does not return any output, or is commented out, this is a finding.
V-217188
False
SLES-12-010890
Verify that the SUSE operating system prevents unauthorized users from accessing system error messages.
Check the "/var/log/messages" file permissions with the following comand:
> sudo stat -c "%n %U:%G %a" /var/log/messages
/var/log/messages root:root 640
Check that "permissions.local" file contains the correct permissions rules with the following command:
> grep -i messages /etc/permissions.local
/var/log/messages root:root 640
If the effective permissions do not match the "permissions.local" file, the command does not return any output, or is commented out, this is a finding.
M
4033