Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The server.xml file must be protected from unauthorized modification.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-250344 | IBMW-LS-000910 | SV-250344r850902_rule | Medium |
| Description |
|---|
| When dealing with access restrictions pertaining to change control, it should be noted that any changes to the software, and/or application server configuration could potentially have significant adverse effects on the overall security of the system. Protect the server.xml file from unauthorized modification by applying file permission restrictions. |
| STIG | Date |
|---|---|
| IBM WebSphere Liberty Server Security Technical Implementation Guide | 2022-09-09 |
Details
| Check Text ( C-53779r795083_chk ) |
|---|
| As a privileged user with local file access to ${server.config.dir}/server.xml, verify the server.xml file permissions are set to 660. If the server.xml file permissions are not set to 660, this is a finding. |
| Fix Text (F-53733r795084_fix) |
|---|
| As a privileged user with local file access to ${server.config.dir}/server.xml. Use the chmod command to configure the correct file permissions of 660. chmod 660 server.xml |