{"description": "Verify that the \"journalctl\" command has a permission set of \"740\" by\nusing the following command:\n<pre>\n $ sudo find /usr/bin/journalctl -exec stat -c \"%n %a\" {} \\;\n</pre>\nIf \"journalctl\" is not set to \"740\", this is a finding.", "rationale": "Any operating system providing too much information in error messages risks\ncompromising the data and security of the structure, and content of error messages\nneeds to be carefully considered by the organization.", "severity": "medium", "references": {"stigid": ["UBTU-22-232140"], "stigref": ["SV-260512r958564_rule"]}, "control_references": {"stigid": ["UBTU-22-232140"]}, "components": [], "identifiers": {}, "ocil_clause": null, "ocil": null, "oval_external_content": null, "fixtext": "Configure \"journalctl\" to have a permission set of \"740\":\n<pre>\n$ sudo chmod 740 /usr/bin/journalctl\n</pre>\n", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": ["system_with_kernel"], "cpe_platform_names": [], "inherited_cpe_platform_names": ["system_with_kernel"], "bash_conditional": null, "fixes": {}, "title": "Verify Permissions on the journal command", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/logging/journald/file_permissions_journalctl/rule.yml", "template": {"name": "file_permissions", "vars": {"filepath": "/usr/bin/journalctl", "filemode": "0740"}, "backends": {}}}