- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
02-08-2023 12:14 AM
Hello,
I need some advice regarding the "Known Vulnerable Processes Protection" for Linux.
This protection seems to prevent the jetbrains IDE IntelliJ IDEA (version 2023.3 build 223.7571.182) from running because of the Java Deserialisation Protection module (regarding log4j https://blog.jetbrains.com/platform/2022/02/removing-log4j-from-the-intellij-platform/ ).
What is the best way to get this IDE to run while maintaining the protection?
Thanks in advance.
Decio
02-08-2023 07:39 AM
Hi @Decio_VD ,
Thank you for writing to live community!
If you have a prevention alert from Java Deserialisation protection module , you can create alert exceptions for the same. Creating alert exceptions disables the Java deserialisation protection module for the initiator process and should allow you to run the application.
However, this is not just the end of it. Once created, we recommend you to right click on the alert and retrieve alert dump data file and open a case with our support team describing the situation well. The TAC/engineering will analyse the logs and can do a detailed/granular level whitelist in form of a content update or provide you a support exception that will create more granularity for the same. Once the whitelist mechanism is provided, you can remove the exceptions and your should have the protection on the process while allowing the specific action for the application process.
Steps:
Hope this helps!
Please mark the response as "Accept as Solution" if it helps!
Regards.
02-08-2023 07:39 AM
Hi @Decio_VD ,
Thank you for writing to live community!
If you have a prevention alert from Java Deserialisation protection module , you can create alert exceptions for the same. Creating alert exceptions disables the Java deserialisation protection module for the initiator process and should allow you to run the application.
However, this is not just the end of it. Once created, we recommend you to right click on the alert and retrieve alert dump data file and open a case with our support team describing the situation well. The TAC/engineering will analyse the logs and can do a detailed/granular level whitelist in form of a content update or provide you a support exception that will create more granularity for the same. Once the whitelist mechanism is provided, you can remove the exceptions and your should have the protection on the process while allowing the specific action for the application process.
Steps:
Hope this helps!
Please mark the response as "Accept as Solution" if it helps!
Regards.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!