'TCAT-AS-001220 - $CATALINA_BASE/conf/ folder must be owned by root, group tomcat.' (Vuln ID: V-222987)
search cancel

'TCAT-AS-001220 - $CATALINA_BASE/conf/ folder must be owned by root, group tomcat.' (Vuln ID: V-222987)

book

Article ID: 227082

calendar_today

Updated On:

Products

CA Spectrum

Issue/Introduction

'TCAT-AS-001220 - $CATALINA_BASE/conf/ folder must be owned by root,  group tomcat.' (Vuln ID: V-222987)

'TCAT-AS-001200 - $CATALINA_HOME folder must be owned by the root user, group tomcat.' (Vuln ID: V-222986)

Environment

Release : 21.2

 

Resolution

The changes proposed in this finding/STIG item can be done.

Broadcom tested these changes internally and the product still functions normally.

The specified directories can be changed to root ownership and 'Spectrum Install' group.

Additional Information

As with implementing most STIG suggestion items, there will be some pain points associated with this.

Root access would be required to make any changes to the files within the "conf" directory.

Upgrades may also be affected if using a non-root user.

Support would recommend adding steps to the upgrade process for customers who perform this STIG.

Change ownership back to the Spectrum Install owner, perform the upgrade, and after successful upgrade the ownership can be changed back to root.

Powered by Wolken Software