Apache Tomcat Application Server 9 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
$CATALINA_BASE/temp folder permissions must be set to 750.
<VulnDiscussion>Tomcat's file permissions must be restricted. The standard configuration is to have all Tomcat files owned by root with the g...Rule Low Severity -
SRG-APP-000380-AS-000088
<GroupDescription></GroupDescription>Group -
$CATALINA_BASE/work/ folder must be owned by tomcat user, group tomcat.
<VulnDiscussion>Tomcat file permissions must be restricted. The standard configuration is to have all Tomcat files owned by root with group T...Rule Medium Severity -
SRG-APP-000391-AS-000239
<GroupDescription></GroupDescription>Group -
Multifactor certificate-based tokens (CAC) must be used when accessing the management interface.
<VulnDiscussion>Password authentication does not provide sufficient security control when accessing a management interface. DoD has specified...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules