
How can I check and detect a JVM corrupted? How can I check that Security Manager, Byte Code Verifier and Class Loader are working correctly?

Vadim Kotov
Giuseppe
  • Can you provide some context for the question? – Ed Staub Jul 15 '11 at 20:09
  • What kind of corruption are you talking about? – Bernd Elkemann Jul 15 '11 at 20:23
  • I'm implementing a Jar File that uses Access Control and Content protection mechanisms... if the JVM on the machine that runs the JAR is corrupted, all mechanisms such as Security Manager, Byte Code Verifier and Class loader can overcome my protection, allowing an attacker to add new classes or to bypass my checks – Giuseppe Jul 15 '11 at 20:27
  • If they can corrupt the JVM, how can you prevent them from corrupting any checks that you might implement? – parsifal Jul 15 '11 at 21:06
  • Ok... then I just want to block the execution if the JVM is corrupted! How can I verify the JVM corruption? – Giuseppe Jul 15 '11 at 21:30
  • To check whether the JVM is corrupted you need to examine all the components which could be potentially corrupted and validate them. IMHO This is not practical instead I suggest you a) don't run untrusted code in a critical JVM, b) prevent the JVM from getting corrupted. – Peter Lawrey Jul 15 '11 at 22:34
  • It sounds like the goal is copy protection. You can't achieve this in a standalone fashion. – Ron Jul 18 '11 at 00:53

1 Answer

How can I check and detect a JVM corrupted? How can I check that Security Manager, Byte Code Verifier and Class Loader are working correctly?

You would do this the same way you would do for any other process. Typically, you would use a HIDS (Host Intrusion Detection System) that would detect if any changes are made to files. In your case, you would need a HIDS system that is capable of detecting changes to the filesystem, especially for the artifacts that constitute the runtime - the java executable and related shared libraries, and the runtime classes of the JRE. As long as the HIDS has been configured to detect changes to these files, you would not need any extraneous mechanisms for protecting them.

I've mostly encountered the use of Samhain and Tripwire for this purpose. There could be other HIDS systems that are also capable of this task.

You should not expect to find any mechanisms within the JVM itself that will detect if the JVM installation has been compromised, since such a mechanism itself could be compromised first, leading to a false belief that the JVM is trustworthy.

Vineet Reynolds
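The file-level integrity check the answer describes (a baseline of hashes over the runtime's launcher, native libraries and class image, re-checked later to flag modified, added or removed files), as an added Python example that is not part of the original answer or of any HIDS product; the directory layout, file names and contents are constructed stand-ins, not a real JRE.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_of(path: Path) -> str:
    """Stream the file through SHA-256 so large artifacts (e.g. lib/modules) are not loaded whole."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()

def build_baseline(root: Path) -> dict:
    """Hash every regular file under the runtime root (launcher, native libs, class image), keyed by relative path."""
    baseline = {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and not p.is_symlink():
            baseline[p.relative_to(root).as_posix()] = sha256_of(p)
    return baseline

def compare(baseline: dict, current: dict) -> dict:
    """Report modified, added and removed files; any non-empty list means the runtime must not be trusted."""
    return {
        "modified": sorted(k for k in baseline if k in current and baseline[k] != current[k]),
        "added": sorted(k for k in current if k not in baseline),
        "removed": sorted(k for k in baseline if k not in current),
    }

def demo() -> dict:
    """Constructed stand-in for a JRE layout (not a real JVM): take a baseline, alter files, re-check."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "bin").mkdir()
        (root / "lib").mkdir()
        (root / "bin" / "java").write_bytes(b"stand-in launcher")
        (root / "lib" / "libjvm.so").write_bytes(b"stand-in libjvm")
        (root / "lib" / "modules").write_bytes(b"stand-in class image")
        # In real use the baseline is taken right after a trusted install and stored
        # off-host or on read-only media: a checker that keeps its reference on the
        # same machine can be tampered with along with the JVM (the answer's last point).
        baseline = build_baseline(root)
        (root / "lib" / "libjvm.so").write_bytes(b"stand-in libjvm, changed")  # simulated modification
        (root / "lib" / "extra.jar").write_bytes(b"stand-in archive")          # simulated added file
        (root / "lib" / "modules").unlink()                                    # simulated removal
        return compare(baseline, build_baseline(root))

if __name__ == "__main__":
    print(demo())
```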