10.14 Do not allow symbolic linking

Information

Symbolic links allow one application to include the libraries from another. This allows for re-use of code but also allows for potential security issues when applications include libraries from other applications they should not have access to.

Solution

In all context.xml, set the allowLinking attribute to false.

See Also

https://workbench.cisecurity.org/files/266

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6

Plugin: Unix

Control ID: db6af3d2c3b953e53043f1e16d4e0c2231f6900cfdd18bd568b77ee4c7d5b20b