UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The server.xml file must be protected from unauthorized modification.


Overview

Finding ID Version Rule ID IA Controls Severity
V-250344 IBMW-LS-000910 SV-250344r850902_rule Medium
Description
When dealing with access restrictions pertaining to change control, it should be noted that any changes to the software, and/or application server configuration could potentially have significant adverse effects on the overall security of the system. Protect the server.xml file from unauthorized modification by applying file permission restrictions.
STIG Date
IBM WebSphere Liberty Server Security Technical Implementation Guide 2022-09-09

Details

Check Text ( C-53779r795083_chk )
As a privileged user with local file access to ${server.config.dir}/server.xml, verify the server.xml file permissions are set to 660.

If the server.xml file permissions are not set to 660, this is a finding.
Fix Text (F-53733r795084_fix)
As a privileged user with local file access to ${server.config.dir}/server.xml.

Use the chmod command to configure the correct file permissions of 660.

chmod 660 server.xml