UCF STIG Viewer Logo

The application server must be able to function within separate processing domains (virtualized systems).


Overview

Finding ID Version Rule ID IA Controls Severity
V-35745 SRG-APP-000064-AS-000031 SV-47032r1_rule Medium
Description
Applications must employ the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions. Employing virtualization techniques to allow greater privilege within a virtual machine, while restricting privilege to the underlying actual machine is an example of providing separate processing domains for finer-grained allocation of user privileges. Virtualization and application isolation is a core competency of a Java-oriented application server. The Java Security Manager is used to create security policy that affects access to system resources
STIG Date
Application Server Security Requirements Guide 2013-01-08

Details

Check Text ( C-44088r1_chk )
Review AS documentation and configuration settings to determine if the AS Java Security Manager feature can be utilized to isolate and restrict access to system resources. If the AS is not configured to meet this requirement, this is a finding.
Fix Text (F-40288r1_fix)
Configure the AS Security Manager to limit access to system resources.