Many Java performance tuning articles propose to disable bytecode verification when running a Java program (like a Java application server or web container like Tomcat).
This is WRONG and you must NOT apply it on your installations.
OK then, but what is bytecode verification in Java?
The full information is at JVM Specification. In short, it is the procedure to check that the program is type-safe in all program points.
In order to run your program faster, many optimization guides/articles recommend to use one of the following parameters:
You must NOT use any of the above parameters, as they may lead you to security problems!!!
It is highly recommended to remove all the above parameters from your startup parameters. If you do so, then the default value “-Xverify:remote” becomes active, which is an acceptable solution.
Alternatively, you can use parameter “-Xverify:all“, to apply full bytecode verification.
In case you need to investigate the problem in depth, please check CERT advisory “Do not disable bytecode verification“.
Democracy requires Free Software