Check: PHTN-67-000041
VMware vSphere 6.7 Photon OS STIG: PHTN-67-000041 (in versions v1 r6 through v1 r1)
Title
The Photon operating system /var/log directory must be owned by root. (Cat II impact)
Discussion
Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state and can provide sensitive information to an unprivileged attacker.
Check Content
At the command line, execute the following command:

```
# stat -c "%n is owned by %U and group owned by %G" /var/log
```

If /var/log is not owned by root, this is a finding.
Fix Text
At the command line, execute the following command:

```
# chown root:root /var/log
```
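A scriptable form of the check above, as an added example that is not part of the STIG text. The function name `check_dir_owner` and its return codes are assumptions made for illustration; it compares numeric UIDs so the result does not depend on name resolution, and it assumes GNU stat.

```shell
#!/bin/sh
# Added example: audit helper for PHTN-67-000041 (hypothetical, not STIG content).
#
# Usage:   check_dir_owner DIR [EXPECTED_UID]
# Returns: 0 = not a finding, 1 = finding, 2 = could not evaluate.
check_dir_owner() {
    dir=$1
    expected_uid=${2:-0}    # UID 0 is root

    # Note: -d follows symlinks; the stat calls below do not,
    # which matches the stat command given in the check text.
    if [ ! -d "$dir" ]; then
        echo "ERROR: $dir is not a directory" >&2
        return 2
    fi

    # Numeric owner for the decision; names are only used in the report line.
    owner_uid=$(stat -c '%u' "$dir") || return 2
    detail=$(stat -c '%n is owned by %U (uid %u) and group owned by %G (gid %g)' "$dir") || return 2

    if [ "$owner_uid" = "$expected_uid" ]; then
        echo "PASS: $detail"
        return 0
    fi

    echo "FINDING: $detail; expected owner uid $expected_uid"
    return 1
}

# Example invocation on a Photon OS host (run as root):
#   check_dir_owner /var/log || echo "Remediate with: chown root:root /var/log"
```

The return code lets a scheduled compliance job distinguish a real finding (1) from a check that could not run (2).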
Additional Identifiers
Rule ID: SV-239113r675147_rule
Vulnerability ID: V-239113
Group Title: SRG-OS-000206-GPOS-00084
CCIs
Number | Definition |
---|---|
CCI-001314 | The information system reveals error messages only to organization-defined personnel or roles. |
Controls
Number | Title |
---|---|
SI-11 | Error Handling |