STIGQter: STIG Summary: Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The Ubuntu operating system must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.

DISA Rule

SV-219188r610963_rule

Vulnerability Number

V-219188

Group Title

SRG-OS-000205-GPOS-00083

Rule Version

UBTU-18-010121

Severity

CAT II

CCI(s)

• CCI-001312 - The information system generates error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.

Weight

10

Fix Recommendation

Configured the Ubuntu operating system to set permissions of all log files under /var/log directory to 640 or more restricted, by using the following command:

# sudo find /var/log -perm /137 -type f -exec chmod 640 '{}' \;

Check Contents

Verify the Ubuntu operating system has all system log files under the /var/log directory with a permission set to 640, by using the following command:

# sudo find /var/log -perm /137 -type f -exec stat -c "%n %a" {} \;

If command displays any output, this is a finding.

Vulnerability Number

V-219188

Documentable

False

Rule Version

UBTU-18-010121

Severity Override Guidance

Verify the Ubuntu operating system has all system log files under the /var/log directory with a permission set to 640, by using the following command:

# sudo find /var/log -perm /137 -type f -exec stat -c "%n %a" {} \;

If command displays any output, this is a finding.

Check Content Reference

M

Target Key

4055

Comments