[jboss-remoting-issues] [JBoss JIRA] Updated: (JBREM-929) Secure remote classloading
David Lloyd (JIRA)
jira-events at lists.jboss.org
Tue Sep 2 21:04:38 EDT 2008
[ https://jira.jboss.org/jira/browse/JBREM-929?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Lloyd updated JBREM-929:
------------------------------
Fix Version/s: 3.0.0.Beta1
(was: 3.0.0-M3)
> Secure remote classloading
> --------------------------
>
> Key: JBREM-929
> URL: https://jira.jboss.org/jira/browse/JBREM-929
> Project: JBoss Remoting
> Issue Type: Task
> Security Level: Public(Everyone can see)
> Reporter: David Lloyd
> Fix For: 3.0.0.Beta1
>
>
> Remote classloading should be allowed only if either (a) a security manager is installed (and thus the security manager would create the policy) or (b) a specific option is enabled (which would be disabled by default) to allow it.
> Also, the remote classloader needs to be able to work with the standard security manager policy - which is to say, that classes loaded from a remote service need to have a unique codeBase URL so that administrators can grant permission to remote classes based on the service from whence they came.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-remoting-issues
mailing list