Manual quarantine and manual release from quarantine Smart Responses (part of the Symantec Data Loss Prevention flex response server plugin) no longer work in 15.5, 15.7. The green banner pops up on the screen saying that the action will take place asynchronously; but, the action never occurs. It is now failing with a permission error mentioning ShutdownHooks in the localhost log.
The localhost log will show these errors:Level: SEVERE
Source: com.vontu.incidentresponse.action.invoker.ActionInvoker
Message: (RESPONSE_ACTION.13) FlexResponse Action [Release From Quarantine] failed and threw an exception: ExceptionInInitializerError.
Cause:
java.lang.ExceptionInInitializerErrorjava.lang.ExceptionInInitializerError
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.executeUndoQuarantine(ReleaseFromQuarantineAction.java:94)
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.execute(ReleaseFromQuarantineAction.java:69)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:313)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:297)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.run(ActionInvoker.java:171)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.RuntimeException: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")
at com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilities.<clinit>(QuarantineUtilities.java:79)
... 8 more
Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.Runtime.addShutdownHook(Runtime.java:209)
at jcifs.context.AbstractCIFSContext.<init>(AbstractCIFSContext.java:44)
at jcifs.context.BaseContext.<init>(BaseContext.java:69)
at com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilities.<clinit>(QuarantineUtilities.java:67)
... 8 more
java.lang.RuntimeException: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")java.lang.RuntimeException: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")
at com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilities.<clinit>(QuarantineUtilities.java:79)
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.executeUndoQuarantine(ReleaseFromQuarantineAction.java:94)
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.execute(ReleaseFromQuarantineAction.java:69)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:313)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:297)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.run(ActionInvoker.java:171)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.Runtime.addShutdownHook(Runtime.java:209)
at jcifs.context.AbstractCIFSContext.<init>(AbstractCIFSContext.java:44)
at jcifs.context.BaseContext.<init>(BaseContext.java:69)
at com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilities.<clinit>(QuarantineUtilities.java:67)
... 8 more
java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.Runtime.addShutdownHook(Runtime.java:209)
at jcifs.context.AbstractCIFSContext.<init>(AbstractCIFSContext.java:44)
at jcifs.context.BaseContext.<init>(BaseContext.java:69)
at com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilities.<clinit>(QuarantineUtilities.java:67)
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.executeUndoQuarantine(ReleaseFromQuarantineAction.java:94)
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.execute(ReleaseFromQuarantineAction.java:69)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:313)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:297)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.run(ActionInvoker.java:171)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
SEVERE
[com.vontu.incidentresponse.action.invoker.ActionInvoker] The plugin action raised an exception.
Cause:
java.lang.NoClassDefFoundError: Could not initialize class
com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilitiesjava.lang.NoClassDefFoundError: Could not initialize class
com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilities
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.executeUndoQuarantine(ReleaseFromQuarantineAction.java:94)
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.execute(ReleaseFromQuarantineAction.java:69)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:313)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:297)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.run(ActionInvoker.java:171)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.RuntimeException: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")
java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks") needs that permission in manager.policy.