Details
The JETTY.policy file is used to configure security policies for Jetty. It is recommended that access to this file has the proper permissions to properly protect from unauthorized changes.
Restricting access to this file will prevent local users from maliciously or inadvertently altering s security policy.
Solution
Perform the following to restrict access to $JETTY_HOME/…./JETTY.policy, set the owner and group owner of the contents of $JETTY_HOME/ to _admin and , respectively.
# chmod 770 $JETTY_HOME/…./JETTY.policy # chown _admin: $JETTY_HOME/…../JETTY.policy
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.