{"description": "Any operating system providing too much information in error messages\nrisks compromising the data and security of the structure, and the content\nof error messages needs to be carefully considered by the organization.\n\nOrganizations carefully consider the structure/content of error messages.\nThe extent to which information systems are able to identify and handle\nerror conditions is guided by organizational policy and operational\nrequirements. Information that could be exploited by adversaries includes,\nfor example, erroneous logon attempts with passwords entered by mistake\nas the username, mission/business information that can be derived from\n(if not stated explicitly by) information recorded, and personal\ninformation, such as account numbers, social security numbers, and credit\ncard numbers.", "rationale": "Ubuntu 22.04 must generate error messages that provide information\nnecessary for corrective actions without revealing information that could\nbe exploited by adversaries.", "severity": "medium", "references": {"cis": ["6.2.2.1"]}, "control_references": {"cis": ["6.2.2.1"]}, "components": [], "identifiers": {}, "ocil_clause": "not all log files owned by root or syslog", "ocil": "Verify the operating system has all system log files under the\n<pre>/var/log</pre> directory, that are not excluded, with an owner set to root | syslog,", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Verify ownership of log files", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_ownerships_var_log/rule.yml", "template": null}