The server.xml file must be protected from unauthorized modification.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-250344 | IBMW-LS-000910 | SV-250344r961461_rule | CCI-001813 | medium |
| Description | ||||
| When dealing with access restrictions pertaining to change control, it should be noted that any changes to the software, and/or application server configuration could potentially have significant adverse effects on the overall security of the system. Protect the server.xml file from unauthorized modification by applying file permission restrictions. | ||||
| STIG | Date | |||
| IBM WebSphere Liberty Server Security Technical Implementation Guide | 2025-02-11 | |||
Details
Check Text (C-250344r961461_chk)
As a privileged user with local file access to ${server.config.dir}/server.xml, verify the server.xml file permissions are set to 660.
If the server.xml file permissions are not set to 660, this is a finding.
Fix Text (F-53733r795084_fix)
As a privileged user with local file access to ${server.config.dir}/server.xml.
Use the chmod command to configure the correct file permissions of 660.
chmod 660 server.xml