Details
Setting the privileged attribute for an application changes the class loader to the Server class loader instead of the Shared class loader.
Rationale:
Running an application in privileged mode allows an application to load the manager libraries.
Solution
Set the privileged attribute in all context.xml files to false unless it is required as for the manager application:
Default Value:
By default, privileged has a value of false.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.