JBOS-AS-000400 - JBoss file permissions must be configured to protect the confidentiality and integrity of application files.

Information

The JBoss EAP Application Server is a Java-based AS. It is installed on the OS file system and depends upon file system access controls to protect application data at rest. The file permissions set on the JBoss EAP home folder must be configured so as to limit access to only authorized people and processes. The account used for operating the JBoss server and any designated administrative or operational accounts are the only accounts that should have access.

When data is written to digital media such as hard drives, mobile computers, external/removable hard drives, personal digital assistants, flash/thumb drives, etc., there is risk of data loss and data compromise. Steps must be taken to ensure data stored on the device is protected.

Solution

Configure file permissions on the JBoss folder to protect it from unauthorized access.
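
One way to check and apply this on a Unix host, as an added example that is not part of the STIG or the audit content. The JBoss home path and the service account are supplied by the caller because the page names neither, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the STIG or the audit file): audit and tighten
# permissions on a JBoss EAP home directory. DIR and OWNER are assumptions
# supplied by the caller; OWNER may be an account name or a numeric UID.

# audit_jboss_perms DIR OWNER
# Prints every path under DIR that is not owned by OWNER or that grants any
# read/write/execute bit to "other". Symlinks are skipped: their mode bits
# always read as 777 and are not what the kernel enforces on access.
# Returns 0 when clean, 1 when findings exist, 2 when the audit could not
# run completely (bad arguments, unknown account, unreadable subdirectory).
audit_jboss_perms() {
    dir=$1; owner=$2
    [ -d "$dir" ] && [ -n "$owner" ] || {
        echo "usage: audit_jboss_perms DIR OWNER" >&2; return 2; }
    # A failed find must not be reported as a clean result.
    findings=$(find "$dir" ! -type l \
        \( ! -user "$owner" -o -perm -004 -o -perm -002 -o -perm -001 \) \
        -print) || return 2
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# restrict_jboss_perms DIR
# Removes all "other" permission bits below DIR and leaves owner and group
# bits untouched. Correcting ownership (chown) needs root and is left to
# the administrator.
restrict_jboss_perms() {
    dir=$1
    [ -d "$dir" ] || { echo "usage: restrict_jboss_perms DIR" >&2; return 2; }
    find "$dir" ! -type l -exec chmod o-rwx {} +
}
```

Run the audit again after any change; group membership still has to be reviewed by hand, since the function only reports ownership and "other" access.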

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_JBoss_EAP_6-3_V2R4_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-28, CAT|II, CCI|CCI-001199, Rule-ID|SV-213536r954932_rule, STIG-ID|JBOS-AS-000400, STIG-Legacy|SV-76789, STIG-Legacy|V-62299, Vuln-ID|V-213536

Plugin: Unix

Control ID: 75457d41e36158aeb56e0fabe2e41b8cc5605728215a9679174b9bed00850a6e