The server.xml file must be protected from unauthorized modification.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-250344	IBMW-LS-000910	SV-250344r961461_rule		Medium

Description

When dealing with access restrictions pertaining to change control, it should be noted that any changes to the software, and/or application server configuration could potentially have significant adverse effects on the overall security of the system. Protect the server.xml file from unauthorized modification by applying file permission restrictions.

STIG	Date
IBM WebSphere Liberty Server Security Technical Implementation Guide	2025-02-11

Details

Check Text (C-53779r795083_chk)

As a privileged user with local file access to ${server.config.dir}/server.xml, verify the server.xml file permissions are set to 660.

If the server.xml file permissions are not set to 660, this is a finding.

Fix Text (F-53733r795084_fix)

As a privileged user with local file access to ${server.config.dir}/server.xml.

Use the chmod command to configure the correct file permissions of 660.

chmod 660 server.xml