I've seen this question on stackoverflow, but without a clear answer. How do you disable JDWP on linux server? We had a security team recommend to disable JDWP due to RCE.
Ref: https://ioactive.com/hacking-java-debug-wire-protocol-or-how/
Thank you.
Asked
Active
Viewed 5,016 times
1 Answers
1
JDWP is only enabled if you ask for it (-agentlib:jdwp), so:
To disable: Don't ask.
To see what not to do:
What are Java command line options to set to allow JVM to be remotely debugged?
Andreas
- 154,647
- 11
- 152
- 247