STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to IBM WebSphere Liberty Server Security Technical Implementation Guide

V-250344

CAT II (Medium)

The server.xml file must be protected from unauthorized modification.

Rule ID

SV-250344r961461_rule

STIG

IBM WebSphere Liberty Server Security Technical Implementation Guide

Version

V2R4

CCIs

CCI-001813

Discussion

When dealing with access restrictions pertaining to change control, it should be noted that any changes to the software, and/or application server configuration could potentially have significant adverse effects on the overall security of the system. Protect the server.xml file from unauthorized modification by applying file permission restrictions.

Check Content

As a privileged user with local file access to ${server.config.dir}/server.xml, verify the server.xml file permissions are set to 660.

If the server.xml file permissions are not set to 660, this is a finding.

Fix Text

As a privileged user with local file access to ${server.config.dir}/server.xml.

Use the chmod command to configure the correct file permissions of 660.

chmod 660 server.xml