JBOS-AS-000030 - The Java Security Manager must be enabled for the JBoss application server.

Information

The Java Security Manager is a java class that manages the external boundary of the Java Virtual Machine (JVM) sandbox, controlling how code executing within the JVM can interact with resources outside the JVM.

The Java Security Manager uses a security policy to determine whether a given action will be
permitted or denied.

To protect the host system, the JBoss application server must be run within the Java Security Manager.

Solution

For a domain installation:
Enable the respective JAVA_OPTS flag in both the domain.conf and the domain.conf.bat files.

For a standalone installation:
Enable the respective JAVA_OPTS flag in both the standalone.conf and the standalone.conf.bat files.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_JBoss_EAP_6-3_V2R4_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3, CAT|I, CCI|CCI-000213, Rule-ID|SV-213497r954708_rule, STIG-ID|JBOS-AS-000030, STIG-Legacy|SV-76715, STIG-Legacy|V-62225, Vuln-ID|V-213497

Plugin: Unix

Control ID: d0e393060c3d293541a0e861ef7c7e1b1488161d7e800712339b7467a6b83909