Restrict service root directory

Requirement

The service process must have a root directory with access only to the necessary files.
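One way to meet this requirement on a Linux host managed by systemd, shown as an added example that is not part of the original page. The service name `exampled`, its user, and the path `/srv/exampled-root` are hypothetical; the commented-out section is the unrestricted configuration for comparison.

```ini
# /etc/systemd/system/exampled.service
# Hypothetical service, constructed for illustration.

# Unrestricted form (for comparison): no RootDirectory=, so the process
# resolves paths against the host's "/" and can reach every file its
# user is permitted to read.
#
# [Service]
# ExecStart=/usr/local/bin/exampled
# User=exampled

[Unit]
Description=Example daemon confined to its own root directory

[Service]
# New "/" for the service. Populate this tree with only the binary, its
# libraries, and the configuration and data files the service needs.
RootDirectory=/srv/exampled-root

# With RootDirectory= set, the executable path is resolved inside the new root.
ExecStart=/usr/bin/exampled --config /etc/exampled.conf

# Expose a single host directory the service must read, as read-only.
BindReadOnlyPaths=/etc/ssl/certs

# Run unprivileged: a process that keeps root privileges can break out
# of a changed root directory.
User=exampled
Group=exampled
NoNewPrivileges=yes
CapabilityBoundingSet=

# Give the service its own /tmp instead of the shared one.
PrivateTmp=yes

[Install]
WantedBy=multi-user.target
```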

References

  • CAPEC-122: Privilege Abuse: An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.