{"description": "For each <tt>&lt;Directory&gt;</tt> instance, remove the following:\n<pre>FollowSymLinks</pre>\nIf symbolic links are allowed, the following can be added for each\n<tt>&lt;Directory&gt;</tt> instance:\n<pre>Options SymLinksIfOwnerMatchDisable</pre>", "rationale": "A symbolic link allows a file or a directory to be referenced using a symbolic\nname raising a potential hazard if symbolic linkage is made to a sensitive area.\nWhen web scripts are executed and symbolic links are allowed, the web user could\nbe allowed to access locations on the web server that are outside the scope of\nthe web document root or home directory.", "severity": "high", "references": {}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "it is not", "ocil": "Inspect each <tt>&lt;Directory&gt;</tt> instance and verify that either\n<pre>FollowSymLinks</pre> does not exist, or\n<pre>Options SymLinksIfOwnerMatchDisable</pre> is configured properly.", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Disable Web Content Symbolic Links", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_disable_content_symlinks/rule.yml", "template": null}