JRE8-UX-000020 - Oracle JRE 8 deployment.config file must contain proper keys and values - deployment.system.config

Gavin M. Dennis

22 April 2022 17:03

Details

The deployment.config configuration file contains two keys.

The 'deployment.properties' key includes the path of the 'deployment.properties' file and the 'deployment.properties.mandatory' key contains either a TRUE or FALSE value.

If the path specified to 'deployment.properties' does not lead to a 'deployment.properties' file, the value of the 'deployment.system.config.mandatory' key determines how JRE will handle the situation.

If the value of the 'deployment.system.config.mandatory' key is TRUE and if the path to the 'deployment.properties' file is invalid, the JRE will not allow Java applications to run. This is the desired behavior.

Solution

Navigate to the 'deployment.config' file for JRE:

/etc/.java/deployment/deployment.config

Add the key 'deployment.system.config=' to the deployment.config file. The following is an example:
'deployment.system.config=/etc/.java/deployment/deployment.properties'. Note the use of forward slashes.

Add the key 'deployment.system.config.mandatory=true' to the deployment.config file.

Supportive Information

The following resource is also helpful.

https://iasecontent.disa.mil/stigs/zip/U_Oracle_JRE_8_UNIX_V1R3_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

800-53|CM-6b.
CAT|II
CCI|CCI-000366
CSCv6|3.1
Rule-ID|SV-81399r2_rule
STIG-ID|JRE8-UX-000020
Vuln-ID|V-66909

Source

Tenable.com/audits

PS. Before you go.

Request a quote to protect your organisation from cyber attacks and breaches.

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section