Java permissions must be set for hosted applications.
An XCCDF Rule
Description
<VulnDiscussion>The Java Security Manager is a java class that manages the external boundary of the Java Virtual Machine (JVM) sandbox, controlling how code executing within the JVM can interact with resources outside the JVM. The JVM requires a security policy in order to restrict application access. A properly configured security policy will define what rights the application has to the underlying system. For example, rights to make changes to files on the host system or to initiate network sockets in order to connect to another system.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-213496r615939_rule
- Severity
- High
- References
- Updated
Remediation - Manual Procedure
Configure the Java security manager to enforce access restrictions to the host system resources in accordance with application design and resource requirements.