STIGQter STIGQter: STIG Summary: JBoss EAP 6.3 Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 25 Oct 2019: File permissions must be configured to protect log information from unauthorized deletion.

DISA Rule

SV-76745r1_rule

Vulnerability Number

V-62255

Group Title

SRG-APP-000120-AS-000080

Rule Version

JBOS-AS-000175

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the OS file permissions on the application server to protect log information from unauthorized deletion.

Check Contents

Examine the log file locations and inspect the file permissions. Interview the system admin to determine log file locations. The default location for the log files is:

Standalone configuration:
<JBOSS_HOME>/standalone/log/

Managed Domain configuration:
<JBOSS_HOME>/domain/servers/<servername>/log/
<JBOSS_HOME>/domain/log/

Review the file permissions for the log file directories. The method used for identifying file permissions will be based upon the OS the EAP server is installed on.

Identify all users with file permissions that allow them to delete log files.

Request documentation from system admin that identifies the users who are authorized to delete log files.

If unauthorized users are allowed to delete log files, or if documentation that identifies the users who are authorized to delete log files is missing, this is a finding.

Vulnerability Number

V-62255

Documentable

False

Rule Version

JBOS-AS-000175

Severity Override Guidance

Examine the log file locations and inspect the file permissions. Interview the system admin to determine log file locations. The default location for the log files is:

Standalone configuration:
<JBOSS_HOME>/standalone/log/

Managed Domain configuration:
<JBOSS_HOME>/domain/servers/<servername>/log/
<JBOSS_HOME>/domain/log/

Review the file permissions for the log file directories. The method used for identifying file permissions will be based upon the OS the EAP server is installed on.

Identify all users with file permissions that allow them to delete log files.

Request documentation from system admin that identifies the users who are authorized to delete log files.

If unauthorized users are allowed to delete log files, or if documentation that identifies the users who are authorized to delete log files is missing, this is a finding.

Check Content Reference

M

Target Key

2923

Comments