2.1 - Weak permissions on Weblogic directories

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The BEA Home directory is a repository for common files that are used by multiple BEA products installed on the same machine. The WebLogic Server product installation directory contains all the WebLogic Server software components that you choose to install on your system, including program files. A domain directory contains the configuration files, security files, log files, J2EE applications, and other J2EE resources for a single WebLogic domain. If you install multiple domains on a WebLogic Server host computer, each domain directory must be protected.

Improper permission on Weblogic home and domain directories may cause inadvertent/deliberate changes in configuration files. Only Weblogic administrator should have permission to access these directories.

Solution

No other user, other than the Weblogic administrator account should have Read, Write and execute access to the above Weblogic directories. Identify the location where Weblogic 11g is installed and the userdomains are located.

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-6(7), 800-53|CM-6, CSCv6|3.1

Plugin: Windows

Control ID: 00daac4d1bd7bea1b71df4c9be75d44d615b6c956d3396a33757ad27d3f8cd59