Details
package.access grants or revokes access to listed packages during runtime. It is recommended that application access to certain packages be restricted.
Rationale:
Prevent web applications from accessing restricted or unknown packages which may be malicious or dangerous to the application.
Solution
Edit $CATALINA_BASE/conf/catalina.properties by adding allowed packages to the package.access list:
package.access = sun.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat., org.apache.jasper
Default Value:
The default package.access value within $CATALINA_BASE/conf/catalina.properties is:
package.access = sun.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat., org.apache.jasper
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.