10.12 Do not allow symbolic linking

Information

Symbolic links permit one application to include the libraries from another. This allows for re-use of code but also allows for potential security issues when applications include libraries from other applications to which they should not have access.

Rationale:

Allowing symbolic links makes Tomcat susceptible to directory traversal vulnerability. Also, there is a potential that an application could link to another application to which it should not be linking. On case-insensitive operating systems there is also the threat of source code disclosure.

Solution

In all context.xml, set the allowLinking attribute to false:

<Context
...
<Resources ... allowLinking='false' />
...
</Context>

Default Value:

By default allowLinking has a value of false.

See Also

https://workbench.cisecurity.org/benchmarks/11652

Item Details

Category: CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|CM-7, 800-53|CM-7(1), 800-53|SI-7, 800-53|SI-7(1), CSCv7|5.1

Plugin: Unix

Control ID: 14b95bbb78c0291c4136cc09e3569b87ac0fd92992fa22e71b3f71a355a08add