18 - Restrict access to context.xml - mode


The context.xml file is loaded by all web applications and sets certain configuration options. It is recommended that access to this file has the proper permissions to properly protect from unauthorized changes.

Restricting access to this file will prevent local users from maliciously or inadvertently altering s security policy.


Perform the following to restrict access to context.xml:
1. Set the ownership of the $JETTY_HOME/..../context.xml to _admin:.
2. Remove read, write, and execute permissions for the world.
3. Remove write permissions for the group.
# chown _admin: $JETTY_HOME/..../context.xml # chmod g-w,o-rwx $JETTY_HOME/...../context.xml

Item Details


References: 800-53|AC-6

Plugin: Unix

Control ID: 00ef71910052a20acd74f720178c07c02af29b1f6f5f89ae1c390b6ba5eb6c72