2.5.5. Java Security Manager Policy File

To operate JBoss Enterprise Application Platform according to the requirements of the certification, you must do the following to ensure applications running on the system have the correct access privileges:

Correctly installing the jbossas-security-policy-cc package is covered as part of the installation procedures in Chapter 3, Downloading and Verifying the Packages. The jbossas-security-policy-cc package provides the security_cc.policy file, which is installed in the JBOSS_HOME/bin/ directory.

The security manager policy file for the common criteria evaluated configuration can require additions of permissions that are needed for database drivers to function for user applications. The system administrator can assign permissions to the database drivers that are needed by user applications. It is recommended that the most restrictive permissions are added

You must define security access permissions for the database

For security reasons, you must manually specify the policy file in the run.conf (Linux) or run.conf.bat (Windows) file. For complete instructions on configuring the JSM to use the security_cc.policy, refer to the Using the Security Manager section in the Security Guide.