III - Administrative Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000380-AS-000088
<GroupDescription></GroupDescription>Group -
$CATALINA_BASE/logs/ folder must be owned by tomcat user, group tomcat.
<VulnDiscussion>Tomcat file permissions must be restricted. The standard configuration is to have all Tomcat files owned by root with group T...Rule Medium Severity -
SRG-APP-000380-AS-000088
<GroupDescription></GroupDescription>Group -
$CATALINA_BASE/temp/ folder must be owned by tomcat user, group tomcat.
<VulnDiscussion>Tomcat file permissions must be restricted. The standard configuration is to have all Tomcat files owned by root with group T...Rule Low Severity -
SRG-APP-000380-AS-000088
<GroupDescription></GroupDescription>Group -
$CATALINA_BASE/temp folder permissions must be set to 750.
<VulnDiscussion>Tomcat's file permissions must be restricted. The standard configuration is to have all Tomcat files owned by root with the g...Rule Low Severity -
SRG-APP-000380-AS-000088
<GroupDescription></GroupDescription>Group -
$CATALINA_BASE/work/ folder must be owned by tomcat user, group tomcat.
<VulnDiscussion>Tomcat file permissions must be restricted. The standard configuration is to have all Tomcat files owned by root with group T...Rule Medium Severity -
SRG-APP-000391-AS-000239
<GroupDescription></GroupDescription>Group -
Multifactor certificate-based tokens (CAC) must be used when accessing the management interface.
<VulnDiscussion>Password authentication does not provide sufficient security control when accessing a management interface. DOD has specified...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.