The Java Security Manager must be enabled for the JBoss application server.
An XCCDF Rule
Description
<VulnDiscussion>The Java Security Manager is a java class that manages the external boundary of the Java Virtual Machine (JVM) sandbox, controlling how code executing within the JVM can interact with resources outside the JVM. The Java Security Manager uses a security policy to determine whether a given action will be permitted or denied. To protect the host system, the JBoss application server must be run within the Java Security Manager.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-213497r615939_rule
- Severity
- High
- References
- Updated
Remediation - Manual Procedure
For a domain installation:
Enable the respective JAVA_OPTS flag in both the domain.conf and the domain.conf.bat files.
For a standalone installation:
Enable the respective JAVA_OPTS flag in both the standalone.conf and the standalone.conf.bat files.