STIGQter: STIG Summary: JBoss Enterprise Application Platform 6.3 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

File permissions must be configured to protect log information from unauthorized deletion.

DISA Rule

SV-213515r615939_rule

Vulnerability Number

V-213515

Group Title

SRG-APP-000120-AS-000080

Rule Version

JBOS-AS-000175

Severity

CAT II

CCI(s)

CCI-000164 - The information system protects audit information from unauthorized deletion.

Weight

Fix Recommendation

Configure the OS file permissions on the application server to protect log information from unauthorized deletion.

Check Contents

Examine the log file locations and inspect the file permissions. Interview the system admin to determine log file locations. The default location for the log files is:

Standalone configuration:
<JBOSS_HOME>/standalone/log/

Managed Domain configuration:
<JBOSS_HOME>/domain/servers/<servername>/log/
<JBOSS_HOME>/domain/log/

Review the file permissions for the log file directories. The method used for identifying file permissions will be based upon the OS the EAP server is installed on.

Identify all users with file permissions that allow them to delete log files.

Request documentation from system admin that identifies the users who are authorized to delete log files.

If unauthorized users are allowed to delete log files, or if documentation that identifies the users who are authorized to delete log files is missing, this is a finding.

File permissions must be configured to protect log information from unauthorized deletion.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments