1.4 Set permissions on local-settings.js - Administrators

Information

Set permissions on local-settings.js so that it can only be modified or deleted by an Administrator.

Rationale:

Any users with the ability to modify the local-settings.js file can bypass all security configurations by changing the file or deleting it.

Impact:

Non-administrative users will not be able to write to the local-settings.js.

Solution

Deny non-administrators the ability to write to local-settings.js.

Default Value:

Not configured.

See Also

https://workbench.cisecurity.org/files/4299

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-5(6)

Plugin: Windows

Control ID: 0ce13e55e49768e68949b77baf7ea3ea79b085894a3f5c3c751832cf9a77d061