Restrict access to temp directory – mode

Details

The $JETTY_HOME/temp/ directory is used by Jetty to persist temporary information to disk. It is recommended that you create a user to specifically run Jetty. This user should have the minimum set of privileges needed to run Jetty. The ownership of this directory should then be assigned to the Jetty user. It is also recommended that the permissions on this directory prevent read, write, and execute for the world (o-rwx).

Rationale:

Restricting access to this directory will prevent local users from maliciously or inadvertently affecting the integrity of Jetty processes.

Solution

Perform the following to restrict access to the $JETTY_HOME/temp directory:
1. Set the ownership of $JETTY_HOME/temp to _admin:.
2. Remove read, write, and execute permissions for the world.

# chown _admin: $JETTY_HOME/temp
# chmod o-rwx $JETTY_HOME/temp
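
One way to verify the result of the two steps above, as an added example that is not part of the original benchmark text. The function name audit_temp_dir, the script name in the usage comment and the account passed as the second argument are assumptions.

```shell
#!/bin/sh
# Added example: audit the Jetty temp directory against this control.
# Usage: sh audit_jetty_temp.sh "$JETTY_HOME/temp" <jetty-user>
# The script name and the account given as <jetty-user> are assumptions.

audit_temp_dir() {
    dir=$1      # directory to audit, e.g. "$JETTY_HOME/temp"
    owner=$2    # account (name or numeric UID) expected to own it
    rc=0

    if [ ! -d "$dir" ]; then
        echo "FAIL: $dir does not exist or is not a directory" >&2
        return 2
    fi

    # Ownership: find prints the path only when -user matches.
    # -H resolves a symlinked temp directory to its target.
    if [ -z "$(find -H "$dir" -prune -user "$owner" 2>/dev/null)" ]; then
        echo "FAIL: $dir is not owned by $owner"
        rc=1
    fi

    # World bits: report each of o+r, o+w, o+x that is still set.
    for bit in 4:read 2:write 1:execute; do
        mode=${bit%%:*}
        name=${bit#*:}
        if [ -n "$(find -H "$dir" -prune -perm "-00$mode" 2>/dev/null)" ]; then
            echo "FAIL: $dir grants world $name (fix: chmod o-rwx)"
            rc=1
        fi
    done

    [ "$rc" -eq 0 ] && echo "PASS: $dir owned by $owner, no world access"
    return "$rc"
}

# Run the audit only when both arguments are supplied on the command line.
if [ "$#" -ge 2 ]; then
    audit_temp_dir "$1" "$2"
fi
```

The function returns 0 when the control is met, 1 when ownership or a world permission bit is wrong, and 2 when the path is not a directory, so it can be called from a scheduled compliance check.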

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management. This control applies to the following type of system: Unix.

Updated on July 16, 2022