From VMware vRealize Operations Manager 6.x tc Server Security Technical Implementation Guide
Part of SRG-APP-000233-WSR-000146
Associated with: CCI-001084
A web server is used to deliver content on the request of a client. The content delivered to a client must be controlled, allowing only hosted application files to be accessed and delivered. To allow a client access to system files of any type is a major security risk that is entirely avoidable. Obtaining such access is the goal of directory traversal and URL manipulation vulnerabilities. To facilitate such access by misconfiguring the web document (home) directory is a serious error. In addition, having the path on the same drive as the system folder compounds potential attacks such as drive space exhaustion.
At the command prompt, execute the following commands: df -k /usr/java/default/bin/java df -k /usr/lib/vmware-casa/casa-webapp/webapps If the two directories above are on the same partition, this is a finding
Consult with the ISSO. Move the tc Server CaSa /usr/lib/vmware-casa/casa-webapp/webapps directory to a separate partition.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer