UCF STIG Viewer Logo

The OL 8 lastlog command must have a mode of "0750" or less permissive.


Overview

Finding ID Version Rule ID IA Controls Severity
V-248705 OL08-00-020262 SV-248705r779681_rule Medium
Description
Unauthorized disclosure of the contents of the /var/log/lastlog file can reveal system data to attackers, thus compromising its confidentiality.
STIG Date
Oracle Linux 8 Security Technical Implementation Guide 2022-12-06

Details

Check Text ( C-52139r779679_chk )
Verify the "lastlog" command has a mode of "0750" or less permissive with the following command:

$ sudo stat -c "%a %n" /usr/bin/lastlog

750 /usr/bin/lastlog

If the "lastlog" command has a mode more permissive than "0750", this is a finding.
Fix Text (F-52093r779680_fix)
Configure the mode of the "lastlog" command for OL 8 to "0750" with the following command:

$ sudo chmod 0750 /usr/bin/lastlog