2.1 Configure Java Security Manager to use an environment specific policy - 'JAVA_OPTS -Djava.security.manager -Djava.security.policy'

Information

The Java Security Manager is a crucial piece of the Java security infrastructure. JBoss Enterprise Application Platform should be configured to load a Java security policy that has been vetted for use in the environment. This precludes the use of the simple default policy that ships with JBoss, but does not preclude the use of preconfigured policy files like the security policy designed for use in a Common Criteria environment (See JBoss Common Criteria Configuration Guide for details).

Solution

JAVA_OPTS="$JAVA_OPTS -Djava.security.manager -Djava.security.policy==[PATH TO POLICY FILE]"

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-13, CAT|II

Plugin: Unix

Control ID: 570ebeed7e4f55903756af63ddbda62cdf061278fec39462cff31122973d9eb9