Details
The directory attribute tells Tomcat where to store logs. It is recommended that the location pointed to by the directory attribute is secured.
Solution
1. Add the following statement into the $CATALINA_BASEwebapps
2. Set the location pointed to by the directory attribute to be owned by tomcat_admin:tomcat with permissions of o-rwx.
# chown tomcat_admin:tomcat $CATALINA_HOME/logs
# chmod o-rwx $CATALINA_HOME/logs
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system Unix.