
JBOS-AS-000030 – The Java Security Manager must be enabled for the JBoss application server – java.security.policy

Details

The Java Security Manager is a Java class that manages the external boundary of the Java Virtual Machine (JVM) sandbox, controlling how code executing within the JVM can interact with resources outside the JVM.

The Java Security Manager uses a security policy to determine whether a given action will be permitted or denied.

To protect the host system, the JBoss application server must be run within the Java Security Manager.

Solution

For a domain installation:
Enable the respective JAVA_OPTS flag in both the domain.conf and the domain.conf.bat files.

For a standalone installation:
Enable the respective JAVA_OPTS flag in both the standalone.conf and the standalone.conf.bat files.
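
The following audit check is an added example, not part of the STIG text: it confirms that a startup config file sets the Security Manager flags on an active (uncommented) JAVA_OPTS line, for both the shell and .bat variants. It assumes the flags are the standard JVM properties -Djava.security.manager and -Djava.security.policy (the latter named in the control title); the function names, sample files and policy path are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the STIG): audit JBoss startup config files.

# Succeeds when an active (uncommented) JAVA_OPTS line in file $1 carries flag $2.
has_active_flag() {
    # Drop shell (#) and batch (rem) comment lines, keep JAVA_OPTS assignments,
    # then match the flag as a fixed string.
    grep -Eiv '^[[:space:]]*(#|rem([[:space:]]|$))' "$1" \
        | grep 'JAVA_OPTS' \
        | grep -Fq -- "$2"
}

# Prints one PASS/FAIL line per flag for file $1; returns 1 if any flag is missing.
check_conf() {
    rc=0
    for flag in -Djava.security.manager -Djava.security.policy; do
        if has_active_flag "$1" "$flag"; then
            echo "PASS $1: $flag"
        else
            echo "FAIL $1: $flag missing from active JAVA_OPTS lines"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample files (file names and policy path are placeholders).
write_samples() {
    cat > "$1/good.conf" <<'EOF'
JAVA_OPTS="$JAVA_OPTS -Djava.security.manager -Djava.security.policy==/path/to/server.policy"
EOF
    cat > "$1/commented.conf" <<'EOF'
# JAVA_OPTS="$JAVA_OPTS -Djava.security.manager -Djava.security.policy==/path/to/server.policy"
JAVA_OPTS="$JAVA_OPTS -Djava.net.preferIPv4Stack=true"
EOF
    cat > "$1/commented.conf.bat" <<'EOF'
rem set "JAVA_OPTS=%JAVA_OPTS% -Djava.security.manager"
set "JAVA_OPTS=%JAVA_OPTS% -Djava.net.preferIPv4Stack=true"
EOF
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
for f in "$demo_dir"/*; do check_conf "$f" || true; done
rm -rf "$demo_dir"
```

A flag that appears only on a commented-out line is reported as FAIL, which is the common way this control ends up silently unmet after a config edit.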

Supportive Information


This security hardening control applies to the following category of controls within NIST 800-53: Access Control. This control applies to the following type of system: Unix.


Updated on July 16, 2022