Check: PHTN-67-000042
VMware vSphere 6.7 Photon OS STIG: PHTN-67-000042 (in versions v1 r6 through v1 r1)
Title
The Photon operating system messages file must be owned by root. (Cat II impact)
Discussion
Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state and can provide sensitive information to an unprivileged attacker.
Check Content
At the command line, execute the following command:

```
# stat -c "%n is owned by %U and group owned by %G" /var/log/vmware/messages
```

If /var/log/vmware/messages is not owned by root or not group owned by root, this is a finding.
Fix Text
At the command line, execute the following command:

```
# chown root:root /var/log/vmware/messages
```
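The check and fix above wrapped in a shell helper, as an added example that is not part of the STIG text. It compares numeric IDs (0:0 for root:root) instead of the `%U`/`%G` names and reports a symbolic link or a missing file as not evaluable (return code 2); those choices and the function names `audit_owner` and `fix_owner` are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the STIG). Assumes a stat that supports -c,
# as used by the check command on the page.

# audit_owner PATH [UID:GID]
# Returns 0 = compliant, 1 = finding, 2 = could not be evaluated.
audit_owner() {
    ao_path=$1
    ao_want=${2:-0:0}          # 0:0 is root:root
    # stat without -L reports on a link itself, while chown follows it,
    # so a symlinked log file is flagged for manual review instead.
    if [ -L "$ao_path" ]; then
        echo "REVIEW: $ao_path is a symbolic link"
        return 2
    fi
    if [ ! -e "$ao_path" ]; then
        echo "REVIEW: $ao_path does not exist"
        return 2
    fi
    ao_have=$(stat -c '%u:%g' "$ao_path") || return 2
    if [ "$ao_have" = "$ao_want" ]; then
        echo "OK: $ao_path is owned by $ao_have"
        return 0
    fi
    echo "FINDING: $ao_path is owned by $ao_have, expected $ao_want"
    return 1
}

# fix_owner PATH
# Runs the page's chown only when audit_owner reports a finding, then
# re-checks. Needs root. Returns 2 without changing anything when the
# path could not be evaluated.
fix_owner() {
    audit_owner "$1" && return 0
    [ $? -eq 1 ] || return 2
    chown root:root "$1" && audit_owner "$1"
}

# Usage on the file named in this check:
#   audit_owner /var/log/vmware/messages
#   fix_owner   /var/log/vmware/messages
```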
Additional Identifiers
Rule ID: SV-239114r675150_rule
Vulnerability ID: V-239114
Group Title: SRG-OS-000206-GPOS-00084
CCIs
Number | Definition |
---|---|
CCI-001314 | The information system reveals error messages only to organization-defined personnel or roles. |
Controls
Number | Title |
---|---|
SI-11 | Error Handling |