Check: SOL-11.1-070240
Solaris 11 SPARC STIG:
SOL-11.1-070240
(in versions v2 r10 through v1 r10)
Title
The operating system must reveal error messages only to authorized personnel. (Cat III impact)
Discussion
Proper file permissions and ownership ensure that only designated personnel in the organization can access error messages.
Check Content
Check the permissions of the /var/adm/messages file:
# ls -l /var/adm/messages
Check the permissions of the /var/adm directory:
# ls -ld /var/adm
If the owner and group of /var/adm/messages are not root and the permissions are not 640, this is a finding.
If the owner of /var/adm is not root, group is not sys, and the permissions are not 750, this is a finding.
Fix Text
The root role is required.
Change the permissions and owner on the /var/adm/messages file:
# chmod 640 /var/adm/messages
# chown root /var/adm/messages
# chgrp root /var/adm/messages
Change the permissions and owner on the /var/adm directory:
# chmod 750 /var/adm
# chown root /var/adm
# chgrp sys /var/adm
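The check above as a script, added here as an example and not part of the STIG text. It parses the standard `ls -ld` field layout (mode, links, owner, group) instead of stat(1) so the same code runs on Solaris 11 and Linux; the function names are assumptions.

```shell
# Added example (not from the STIG): automate the SOL-11.1-070240 check.
# Exit status 0 = compliant, 1 = at least one finding (printed to stdout).

# check_path PATH EXPECTED_MODE_STRING EXPECTED_OWNER EXPECTED_GROUP
# Compares the ls -ld mode string (e.g. -rw-r----- for 640), owner and group.
check_path() {
    path=$1; want_mode=$2; want_owner=$3; want_group=$4
    [ -e "$path" ] || { echo "FINDING: $path does not exist"; return 1; }
    # ls -ld fields: mode links owner group size date name
    set -- $(ls -ld "$path")
    # Keep only the 10 mode characters; ls may append '+' or '@' (ACL/xattr)
    mode=$(printf '%s' "$1" | cut -c1-10)
    owner=$3; group=$4
    cp_rc=0
    if [ "$mode" != "$want_mode" ]; then
        echo "FINDING: $path mode is $mode, expected $want_mode"; cp_rc=1
    fi
    if [ "$owner" != "$want_owner" ]; then
        echo "FINDING: $path owner is $owner, expected $want_owner"; cp_rc=1
    fi
    if [ "$group" != "$want_group" ]; then
        echo "FINDING: $path group is $group, expected $want_group"; cp_rc=1
    fi
    return $cp_rc
}

# The two objects the rule covers: 640 root:root on the file, 750 root:sys on the directory.
sol_11_1_070240() {
    total=0
    check_path /var/adm/messages '-rw-r-----' root root || total=1
    check_path /var/adm          'drwxr-x---' root sys  || total=1
    return $total
}
```

Run `sol_11_1_070240` as root on the audited host; a nonzero exit status means the fix text above still needs to be applied.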
Additional Identifiers
Rule ID: SV-216439r603267_rule
Vulnerability ID: V-216439
Group Title: SRG-OS-000206
Expert Comments
CCIs
Number | Definition
---|---
CCI-001314 | The information system reveals error messages only to organization-defined personnel or roles.
Controls
Number | Title
---|---
SI-11 | Error Handling