Documentation - V-213517

V-213517

JBoss Enterprise Application Platform 6.3 Security Technical Implementation Guide

CAT II

Title

mgmt-users.properties file permissions must be set to allow access to authorized users only.

Description

<VulnDiscussion>The mgmt-users.properties file contains the password hashes of all users who are in a management role and must be protected. Application servers have the ability to specify that the hosted applications utilize shared libraries. The application server must have a capability to divide roles based upon duties wherein one project user (such as a developer) cannot modify the shared library code of another project user. The application server must also be able to specify that non-priv...

Fix Text (Documentation Requirement)

Configure the file permissions to allow access to authorized users only. Owner can be full access. Group can be full access. All others must have execute permissions only.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel