Enable the hardened java security manager [New in Security Center 1.3]

  • Release version: Zurich
  • Updated July 31, 2025
  • 1 minute to read

    • The glide.security.manager property contains the Java classname of the current Java security manager.

    Warning:
    This is a safe harbor property, meaning the value can't be altered once it's changed. It is non-revertible.

    More information

    Attribute Description
    Configuration name glide.security.manager
    Configuration type System Properties (/sys_properties_list.do)
    Data type string
    Recommended value com.glide.sys.security.ContextualSecurityManager
    Default value com.glide.sys.security.ContextualSecurityManager
    Category Validation, sanitization, and encoding
    Security risk
    • Severity score: 7.2
    • CVSS score: High
    • Security risk details: If glide.security.manager is not set to the recommended value of com.glide.sys.security.ContextualSecurityManager, then the instance may be using an obsolete Java security manager which is missing expected hardening policies. Without this hardening, a malicious actor with script execution access could get remote code execution on the instance.
    Dependencies and prerequisites None