Not all compliance guidance is technically correct. A DISA STIG remediation for Ubuntu 22.04 LTS recommends applying permission mode 2640 to systemd-journal directories — a setting that removes execute permissions and can disrupt core logging functionality. This post examines the issue in detail, explains why the recommendation is flawed, and outlines a safer, technically sound approach for administrators who need to balance compliance with system integrity.
When STIG Guidance Breaks Linux
