Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-35745 | SRG-APP-000064-AS-000031 | SV-47032r1_rule | | Medium |
Description |
---|
Applications must employ the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions. Employing virtualization techniques to allow greater privilege within a virtual machine, while restricting privilege to the underlying actual machine, is an example of providing separate processing domains for finer-grained allocation of user privileges. Virtualization and application isolation is a core competency of a Java-oriented application server. The Java Security Manager is used to create security policy that affects access to system resources. |
STIG | Date |
---|---|
Application Server Security Requirements Guide | 2013-01-08 |
Check Text (C-44088r1_chk) |
---|
Review AS documentation and configuration settings to determine if the AS Java Security Manager feature can be utilized to isolate and restrict access to system resources. If the AS is not configured to meet this requirement, this is a finding. |
Fix Text (F-40288r1_fix) |
---|
Configure the AS Security Manager to limit access to system resources. |
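
The check and fix above, as an added example that is not part of the SRG or of any application server's own tooling: a Python audit that confirms the JVM is started with the Security Manager and flags policy grants that defeat least privilege. It assumes the server is launched with the standard `-Djava.security.manager` and `-Djava.security.policy` JVM options and uses the default Java policy-file syntax; the launch line, paths and policy content are constructed samples.

```python
import re
import shlex

# Constructed samples (not from a real server): JVM launch line and policy file.
SAMPLE_CMDLINE = ("java -Djava.security.manager "
                  "-Djava.security.policy=/opt/appserver/conf/server.policy "
                  "-jar /opt/appserver/bin/bootstrap.jar")
SAMPLE_POLICY = """
// server libraries: broad grant, but scoped to one codeBase
grant codeBase "file:/opt/appserver/lib/-" {
    permission java.security.AllPermission;
};
grant codeBase "file:/opt/appserver/apps/-" {
    permission java.io.FilePermission "/opt/appserver/apps/-", "read";
};
// weak: unscoped grant, every class gets every permission
grant {
    permission java.security.AllPermission;
};
"""
GRANT_RE = re.compile(r'\bgrant\b([^{]*)\{(.*?)\}\s*;', re.S)

def audit_jvm_args(cmdline):
    """Findings for a launch line: manager must be installed, policy named."""
    args = shlex.split(cmdline)
    enabled = False
    for a in args:
        if a == "-Djava.security.manager":
            enabled = True
        elif a.startswith("-Djava.security.manager="):
            # "allow"/"disallow" do not install a Security Manager at startup
            enabled = a.split("=", 1)[1] not in ("allow", "disallow")
    findings = []
    if not enabled:
        findings.append("Security Manager not enabled at JVM startup")
    if not any(a.startswith("-Djava.security.policy=") for a in args):
        findings.append("no explicit policy file; only JVM defaults apply")
    return findings

def audit_policy(policy_text):
    """Findings for grant entries giving AllPermission with no scope."""
    # Drop full-line // comments only; "/*" can occur in file-path targets.
    text = re.sub(r'^\s*//.*$', '', policy_text, flags=re.M)
    findings = []
    for header, body in GRANT_RE.findall(text):
        scoped = re.search(r'\b(codeBase|signedBy|principal)\b', header, re.I)
        if "java.security.AllPermission" in body and not scoped:
            findings.append("unscoped grant of java.security.AllPermission")
    return findings
```

The Security Manager is deprecated for removal as of Java 17 (JEP 411), so this check applies where the application server's JVM still supports it.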