UCF STIG Viewer Logo

The server.xml file must be protected from unauthorized modification.


Overview

Finding ID Version Rule ID IA Controls Severity
V-250344 IBMW-LS-000910 SV-250344r795085_rule Medium
Description
When dealing with access restrictions pertaining to change control, it should be noted that any changes to the software, and/or application server configuration could potentially have significant adverse effects on the overall security of the system. Protect the server.xml file from unauthorized modification by applying file permission restrictions.
STIG Date
IBM WebSphere Liberty Server Security Technical Implementation Guide 2021-08-30

Details

Check Text ( C-53779r795083_chk )
As a privileged user with local file access to ${server.config.dir}/server.xml, verify the server.xml file permissions are set to 660.

If the server.xml file permissions are not set to 660, this is a finding.
Fix Text (F-53733r795084_fix)
As a privileged user with local file access to ${server.config.dir}/server.xml.

Use the chmod command to configure the correct file permissions of 660.

chmod 660 server.xml