Web server system files must conform to minimum file permission requirements.

An XCCDF Rule

Description

This check verifies that the key web server system configuration files are owned by the SA or the web administrator controlled account. These same files that control the configuration of the web server, and thus its behavior, must also be accessible by the account that runs the web service. If these files are altered by a malicious user, the web server would no longer be under the control of its managers and owners; properties in the web server configuration could be altered to compromise the entire server platform.

Property	Value
Responsibility	Web Administrator

ID: SV-32938r2_rule
Version: WG300 A22
Severity: Medium
Updated: 26 days ago

Remediation Templates

Use the chmod command to set permissions on the web server system directories and files as follows.

root dir
apache	      root	WebAdmin	771/660
/apache/cgi-bin    root	WebAdmin	775/775
/apache/bin	       root	WebAdmin	550/550/apache/config     root	WebAdmin	770/660
/apache/htdocs    root	WebAdmin	775/664
/apache/logs       root	WebAdmin	750/640

Web server system files must conform to minimum file permission requirements.

Description

Remediation Templates

A Manual Procedure