
TCAT-AS-000590 – Applications in privileged mode must be approved by the ISSO.

Details

The privileged attribute controls if a context (application) is allowed to use container provided servlets like the Manager servlet. It is false by default and should only be changed for trusted web applications.

Set to true to allow the context (application) to use container servlets, like the Manager servlet. Use of the privileged attribute will change the context’s parent class loader to be the Server class loader rather than the Shared class loader. Note that in a default installation, the Common class loader is used for both the Server and the Shared class loaders.

Solution

On the Tomcat server, as a privileged user, modify the relevant context.xml file and set the privileged attribute to false (privileged="false").
A restart should not be required if the context element is not maintained in the server.xml file.

If privileged mode is required for a particular application, verify trust of application and obtain documented approval from the ISSO. Document the applications that are approved to run in privileged mode and retain approvals in the system security plan (SSP) for CCRI reviews.
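As an added example (not part of the STIG text), the following audit script implements the check an ISSO reviewer would run: it parses per-application context.xml contents, reports every Context that sets privileged to true, and flags those not on the documented approval list. The file paths and XML contents are constructed samples, not taken from a real server.

```python
"""Audit Tomcat context.xml files for the Context privileged attribute.

Constructed example: each entry is a (path, xml_text) pair as it would be read
from conf/Catalina/<host>/<app>.xml; the approval list models the SSP record.
"""
import xml.etree.ElementTree as ET
from typing import Dict, Iterable, List, Set, Tuple


def is_privileged(xml_text: str) -> bool:
    """Return True when the root <Context> element sets privileged to true.

    Tomcat parses the attribute with Boolean.parseBoolean, so the comparison is
    case-insensitive. A missing attribute means the default value, false.
    """
    root = ET.fromstring(xml_text)
    if root.tag != "Context":
        raise ValueError("root element is not <Context>: %s" % root.tag)
    return root.get("privileged", "false").strip().lower() == "true"


def audit_contexts(contexts: Iterable[Tuple[str, str]],
                   approved: Set[str]) -> List[Dict[str, object]]:
    """One finding per privileged context; 'approved' is False for unapproved ones."""
    findings: List[Dict[str, object]] = []
    for path, xml_text in contexts:
        if is_privileged(xml_text):
            findings.append({"path": path, "approved": path in approved})
    return findings


# Constructed sample context.xml contents (hypothetical paths, not a real host).
SAMPLE_CONTEXTS = [
    ("/opt/tomcat/conf/Catalina/localhost/manager.xml",
     '<Context privileged="true" antiResourceLocking="false"/>'),
    ("/opt/tomcat/conf/Catalina/localhost/app1.xml",
     '<Context privileged="TRUE"><WatchedResource>WEB-INF/web.xml'
     '</WatchedResource></Context>'),
    ("/opt/tomcat/conf/Catalina/localhost/app2.xml", "<Context/>"),
]
# Applications with documented ISSO approval recorded in the SSP (constructed).
APPROVED = {"/opt/tomcat/conf/Catalina/localhost/manager.xml"}

if __name__ == "__main__":
    for finding in audit_contexts(SAMPLE_CONTEXTS, APPROVED):
        status = "approved" if finding["approved"] else "NOT APPROVED - finding"
        print("%s: privileged (%s)" % (finding["path"], status))
```

Only unapproved privileged contexts are findings under this control; approved ones should still match the list retained in the SSP.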

Supportive Information


This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management. This control applies to the following type of system: Unix.


Updated on July 16, 2022