8.1 Restrict runtime access to sensitive packages

Information

package.access grants or revokes access to listed packages during runtime. It is recommended that application access to certain packages be restricted.

NOTE: Nessus did not perform this check as it requires a manual review of the outputted packages that have access. Review the reported packages to ensure only required packages are enabled.

Solution

Edit $CATALINA_BASE/conf/catalina.properties by adding allowed packages to the package.access list.

See Also

https://workbench.cisecurity.org/files/266

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6

Plugin: Unix

Control ID: 0ea05416db57629dee655803a17a731332b72cdee5464576d945d4cfaf330e01