Description of problem:
Files in documentation folder have 'loose' permissions:
In the file /usr/share/doc/slf4j-1.7.4/APACHE-LICENSE , the permission is 0664. 0755 is expected or more restrictive
Version-Release number of selected component (if applicable):
Customer has security checker that complains about loose permissions for tomcat documentation files. Customer is concerned that group-write permissions to the documentation files may affect the security of the system and requesting for removing write permissions on group.
Thanks for the report. Although the permissions could be changed, we are not currently planning to update this component. Since the file's group is also root there is no obvious security issue here and 0664/root.root 0644/root.root are functionally equivalent.
We'll correct this upstream for future releases.