Detections
Analytics

1.189 OL08-00-020263

Information

The OL 8 lastlog command must be owned by root.

GROUP ID: V-248706
RULE ID: SV-248706r958566

Unauthorized disclosure of the contents of the /var/log/lastlog file can reveal system data to attackers, thus compromising its confidentiality.

Solution

Configure the "lastlog" command for OL 8 to be owned by root with the following command:

$ sudo chown root /usr/bin/lastlog

See Also

https://workbench.cisecurity.org/benchmarks/23791

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-11b., CAT|II, CCI|CCI-001314, Rule-ID|SV-248706r958566_rule, STIG-ID|OL08-00-020263, Vuln-ID|V-248706

Plugin: Unix

Control ID: e3d34cbe745f95e958fa5801ce27dc1d195fc750ce3a8eae05ab025e27278e78