Details
logging.properties is a Tomcat files which specifies the logging configuration. It is recommended that access to this file properly protect from unauthorized changes.
Rationale:
Restricting access to this file will prevent local users from maliciously or inadvertently altering Tomcat’s security policy.
Solution
Perform the following to restrict access to logging.properties:
Set the ownership of the $CATALINA_HOME/conf/logging.properties to tomcat_admin:tomcat.
# chown tomcat_admin:tomcat $CATALINA_HOME/conf/logging.properties
Set the permissions for the $CATALINA_HOME/conf/logging.properties file to 600.
# chmod 600 $CATALINA_HOME/conf/logging.properties
Default Value:
The default permissions are 600.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.