STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

The SUSE operating system must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.

DISA Rule

SV-234832r622137_rule

Vulnerability Number

V-234832

Group Title

SRG-OS-000205-GPOS-00083

Rule Version

SLES-15-010340

Severity

CAT II

CCI(s)

• CCI-001312 - The information system generates error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.

Weight

10

Fix Recommendation

Configure the SUSE operating system to set permissions of all log files under /var/log directory to 640 or more restricted, by using the following command:

> sudo find /var/log -perm /137 -type f -exec chmod 640 '{}' \;

Check Contents

Verify the SUSE operating system has all system log files under the /var/log directory with a permission set to 640, by using the following command:

> sudo find /var/log -perm /137 -type f -exec stat -c "%n %a" {} \;

If command displays any output, this is a finding.

Vulnerability Number

V-234832

Documentable

False

Rule Version

SLES-15-010340

Severity Override Guidance

Verify the SUSE operating system has all system log files under the /var/log directory with a permission set to 640, by using the following command:

> sudo find /var/log -perm /137 -type f -exec stat -c "%n %a" {} \;

If command displays any output, this is a finding.

Check Content Reference

M

Target Key

5274

Comments