...
When it is necessary to run a JVM with debugging enabled, avoid granting permissions that are not needed by the application. In particular, avoid granting socket permissions to arbitrary hosts; that is, omit the permission java.net.SocketPermission "*", "connect,accept".
Exceptions
ENV05-J-EX0: A Java program may be remotely monitored using any of these technologies if it can be guaranteed that no program outside the local trust boundary can access the program. For example, if the program lives on a local network that is both completely trusted and disconnected from any untrusted networks, including the Internet, remote monitoring is permitted.
...
[JMX 2006] |
|
| |
| |
| |
Section 2.6, "The JVM Tool Interface" | |
...