Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-32842 | JRE0060-J62K7 | SV-43645r2_rule | DCBP-1 | Medium |
Description |
---|
This configuration file must hold values of the location of the deployment.properties file, as well as the enforcement of these properties. Without a proper path for the properties file, deployment would not be possible. If the path specified does not lead to a properties file the value of the 'deployment.system.config. mandatory' key determines how to handle the situation. If the value of this key is true, JRE will not run if the path to the properties file is invalid. |
STIG | Date |
---|---|
Java Runtime Environment (JRE) version 6 STIG for Windows 7 | 2015-07-02 |
Check Text ( C-41520r8_chk ) |
---|
Navigate to the deployment.config file: If the deployment.config file does not exist, it must be created. The deployment.config file is a text file containing 2 keys. They are: deployment.system.config = deployment.system.config.mandatory = For 32 bit systems: C:\Program Files\Java\jre6\lib\deployment.config. For 64 bit systems you must check both the 64 bit and the 32 bit config files: C:\Program Files\Java\jre6\lib\deployment.config C:\Program Files (x86)\Java\jre6\lib\deployment.config Verify the 'deployment.system.config' key in the deployment.config file is set to the correct path. Note that the characters : and \ must be delimited by a backslash. The path contained in the deployment.config file(s) will depend upon system architecture. The following paths are examples. Drive letters may vary based upon your system. For 32 bit systems the path is: 'file:C\:\\Program Files\\Java\\jre6\\lib\\deployment.properties' For 64 bit systems the paths are: 'file:C\:\\Program Files\\Java\\jre6\\lib\\deployment.properties' 'file:C\:\\Program Files (x86)\\Java\\jre6\\lib\\deployment.properties' Verify the 'deployment.system.config.mandatory' key in the deployment.config file(s) are set to 'false'. If the 'deployment.system.config' key is not set to the correct path and the 'deployment.system.config.mandatory' key is not set to false, this is a finding. |
Fix Text (F-37156r9_fix) |
---|
Specify the path to the deployment.properties file in deployment.config and set the mandatory configuration values. If the deployment.config file does not exist, create the file. The deployment.config file is a text file containing 2 keys. They are: deployment.system.config = deployment.system.config.mandatory = On 32-bit systems the deployment config file should be located at: C:\Program Files\Java\jre6\lib\deployment.config On 64-bit systems there can be 2 locations for the deployment.config file. One is for 32 bit JRE and the other for 64 bit JRE: 64 bit - C:\Program Files\Java\jre6\lib\deployment.config 32 bit - C:\Program Files (x86)\Java\jre6\lib\deployment.config Include the following keys and values in the appropriate deployment.config file based upon your system architecture. If you are running both a 32 bit and a 64 bit JRE, you need to update both deployment.config files. The following are examples, drive letters may vary. 32 bit 'deployment.system.config=file:C\:\\Program Files (x86)\\Java\\jre6\\lib\\deployment.properties' 'deployment.system.config.mandatory=false'. 64 bit 'deployment.system.config=file:C\:\\Program Files\\Java\\jre6\\lib\\deployment.properties' 'deployment.system.config.mandatory=false'. |