Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »


Product Name

CIS-CAT Pro Assessor

Product Version

Linux v4.27.0+

Date



Problem

After downloading the Linux bundle with JRE included and launching an Assessment over Terminal, I am getting an error stating:

“Error: Java is not in the JRE folder”

Solution

This download is designed for Linux ONLY operating systems and includes only shell scripts for tool operation on Linux. Centralized scripts utilize the embedded Java.

Users MUST ensure that the jre folder of the build has appropriate read and execute permissions in order for the assessment process to function. Where possible, CIS encourages Members to apply the principle of least privilege and provide Read and Execute to only the owner or owner and group.

  • An example of “least privilege” that members have found successful is setting read and execute by the owner (500) or owner and group (550) for just the jre folder is enough as that is where all the Java binaries needed for CIS-CAT execution are stored. An example command for this would be

    $ chmod -R 550 ~/mypath/Assessor/jre
  • Please Note: CIS Linux Benchmarks recommend preventing executions from partitions/file mounts /tmp or /var. Extracting CIS-CAT to those locations and setting the permission at a lower level of the jre directory will not allow execution of the program. As such, it is recommend that the CIS-CAT Pro Assessor directory be placed in a different location from partitions/file mounts such as /tmp or /var).

The embedded Java is only suitable for Linux OS, not MacOS. Please see this article if you are unable to use the MacOS with embedded Java [JRE]

https://cisecurity.atlassian.net/l/cp/wqN15nSv

Keywords; JRE Java Assessor MacOS Linux Permissions

Content by Label


Copyright © 2023

Center for Internet Security®


  • No labels