Detections
Analytics

1.190 OL08-00-020264

Information

The OL 8 lastlog command must be group-owned by root.

GROUP ID: V-248707
RULE ID: SV-248707r958566

Unauthorized disclosure of the contents of the /var/log/lastlog file can reveal system data to attackers, thus compromising its confidentiality.

Solution

Configure the "lastlog" command for OL 8 to be group-owned by root with the following command:

$ sudo chgrp root /usr/bin/lastlog

See Also

https://workbench.cisecurity.org/benchmarks/23791

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-11b., CAT|II, CCI|CCI-001314, Rule-ID|SV-248707r958566_rule, STIG-ID|OL08-00-020264, Vuln-ID|V-248707

Plugin: Unix

Control ID: c11b16920c3e7a1047592fd8bc1ecffa27ac759c628e6d22a95cbb2f3ca643d7