The Photon operating system must reveal error messages only to authorized users.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-258832 | SRG-OS-000206-GPOS-00084 | PHTN-40-000074 | SV-258832r958566_rule | 2024-07-11 | 2 |
| Description |
|---|
| Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the operating system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. |
| ℹ️ Check |
|---|
| If another package is used to offload logs, such as syslog-ng, and is properly configured, this is not applicable. At the command line, run the following command to verify rsyslog generates log files that are not world readable: # grep '^\$umask' /etc/rsyslog.conf Example result: $umask 0037 If "$umask" is not set to "0037" or more restrictive, this is a finding. |
| ✔️ Fix |
|---|
| Navigate to and open: /etc/rsyslog.conf Add or update the following line: $umask 0037 At the command line, run the following command: # systemctl restart rsyslog.service |