ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Running Response Rules manually leads to java thread leak on Enforce
Article ID: 171990
Updated On:
Products
Data Loss Prevention Enforce
Issue/Introduction
The Enforce console experiences out of memory errors, with "access denied" entries showing up in Tomcat.
These eventually lead to a need to restart the service
Following errors appear in the Tomcat (Manager localhost log):
28 Aug 2017 23:16:43,837- Thread: 214643 SEVERE
[com.vontu.manager.command.enforce.ManualCommandRuntimeLoader$1] Command runtime unloading failed
Cause:
java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "modifyThread")
This error is also related to the same issue:
23 Oct 2017 13:57:27,205- Thread: 130 WARNING [com.vontu.manager.struts.ProtectActionProcessor] Permission to view page not granted. Access denied to requesting URI: /ProtectManager/SaveEndpointPartialMatchingManagement.do. Requires permission: modifyThread.
Cause
The docs team created the following entry in the 14.6 MP3 release notes for the fix to this issue:
4164405 : "Executing response rules as a non-Administrator user on the Enforce Server administration console lead to thread leakage and performance degradation over time."
Environment
Issue was discovered on RHEL servers, but are not believed to be limited to that OS.
Resolution
Upgrading either to 14.6 MP3, to 15.0 MP1, or to 15.1, will resolve this issue.
Feedback
Yes
No
Powered by
