Skip to content

Web client access to the content directories must be restricted to read and execute.

An XCCDF Rule

Description

<VulnDiscussion>Excessive permissions for the anonymous web user account are one of the most common faults contributing to the compromise of a web server. If this user is able to upload and execute files on the web server, the organization or owner of the server will no longer have control of the asset.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility>Web Administrator</Responsibility><IAControls></IAControls>

ID
SV-33027r2_rule
Severity
High
Updated



Remediation - Manual Procedure

Assign the appropriate permissions to the applicable directories and files using the chmod command.