The server.xml file must be protected from unauthorized modification.
An XCCDF Rule
Description
<VulnDiscussion>When dealing with access restrictions pertaining to change control, it should be noted that any changes to the software, and/or application server configuration could potentially have significant adverse effects on the overall security of the system. Protect the server.xml file from unauthorized modification by applying file permission restrictions.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-250344r850902_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
As a privileged user with local file access to ${server.config.dir}/server.xml.
Use the chmod command to configure the correct file permissions of 660.
chmod 660 server.xml