In the majority of these cases, you can assign the necessary privilege manually to the account used by that application. However, if this workaround isn't sufficient, or if you need to remove a particular privilege, such as allowing anyone to access information through Java Management Extensions (JMX) without requiring the jmx-read privilege, then you can disable privileges on an individual basis.

The disabled-privilege property in the global configuration object controls the set of disabled privileges. By default, no privileges are disabled. If a privilege is disabled, then the server behaves as if all users have that privilege.