16 - Restrict access to JETTY.policy - owner

Information

The JETTY.policy file is used to configure security policies for Jetty. It is recommended that access to this file has the proper permissions to properly protect from unauthorized changes.

Restricting access to this file will prevent local users from maliciously or inadvertently altering s security policy.

Solution

Perform the following to restrict access to $JETTY_HOME/..../JETTY.policy, set the owner and group owner of the contents of $JETTY_HOME/ to _admin and , respectively.
# chmod 770 $JETTY_HOME/..../JETTY.policy # chown _admin: $JETTY_HOME/...../JETTY.policy

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6

Plugin: Unix

Control ID: 5521dd89524951a8639852677a3a46978181f8bbfb78f8652a24dd7cee183756