Information
Sybase ASE supports Java extensively, incorporating the Sun Java Virtual Machine (JVM)
and offering full interoperability with Transact-SQL. Sybase implements part 1 of the SQLJ
standard, and extends the standard, for instance by permitting direct references to Java
methods and classes.
Java access in Sybase ASE cannot be configured on a per user basis; it is either available to
all users, or to none. It is disabled by default and it is recommended that it is not enabled
unless absolutely necessary. Note that only users with the sa_role can enable Java.
Rationale:
Java in ASE is a powerful target for an attacker since they can use it to interact with file
system and network resources. With Java disabled, the potential for gaining a foothold on
the host operating system and/or network is reduced.
Solution
1. Connect to the ASE server with a user that has the sa_role and execute the
following SQL statement:
exec sp_configure 'enable java', 0