...
| Wiki Markup |
|---|
Platforms that support environment variables allow agents to be specified in such variables. "Platforms may disable this feature in cases where security is a concern; for example, the Reference Implementation disables this feature on UNIX systems when the effective user or group ID differs from the real ID." \[[JVMTI 2006|AA. Java References#JVMTI 06]\]. |
...
Do not start the JVM with any agents enabled on a production machine. This compliant solution removes the -agentlib command line argument and installs a security manager, as required by guideline ENV02-J. Create a secure sandbox using a Security Manager.
...