<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div><br><br>Sent from my iPhone</div><div><br>On 22 Apr 2014, at 16:54, "Panzer, Robert" <<a href="mailto:Robert.Panzer@wincor-nixdorf.com">Robert.Panzer@wincor-nixdorf.com</a>> wrote:<br><br></div><blockquote type="cite"><div><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><meta name="Generator" content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.E-MailFormatvorlage17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--><div class="WordSection1"><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Hi,<o:p></o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Just want to throw in my other cent:<o:p></o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">The Java Security Manager makes a lot of sense also on the server side when you are building component based software and want for instance to ensure that some components are eligible to access some data and others are not.<o:p></o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">If you can ensure that most components are not able to access certain sensitive data then you can skip them in security audits and that’s a great win!<o:p></o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Javas visibility is not capable of handling this.</span></p></div></div></blockquote><div><br></div><div>We are trying to make running under a security manager as easy as possible, just not by default.</div><div><br></div><div>Stuart</div><br><blockquote type="cite"><div><div class="WordSection1"><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p></o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Kind regards,<o:p></o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Robert <o:p></o:p></span></p><p class="MsoNormal"><o:p> </o:p></p><div><div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm"><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext"> <a href="mailto:wildfly-dev-bounces@lists.jboss.org">wildfly-dev-bounces@lists.jboss.org</a> [<a href="mailto:wildfly-dev-bounces@lists.jboss.org">mailto:wildfly-dev-bounces@lists.jboss.org</a>] <b>On Behal</b></span><b><span lang="DE" style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">f Of </span></b><span lang="DE" style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">Anil Saldhana<br><b>Sent:</b> Monday, April 21, 2014 8:29 PM<br><b>To:</b> <a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a><br><b>Subject:</b> Re: [wildfly-dev] my 2 cents on Security Manager discussion<o:p></o:p></span></p></div></div><p class="MsoNormal"><o:p> </o:p></p><div><p class="MsoNormal">On 04/19/2014 12:43 PM, arjan tijms wrote:<o:p></o:p></p></div><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><div><p class="MsoNormal">Hi, <o:p></o:p></p><div><p class="MsoNormal"><o:p> </o:p></p></div><div><p class="MsoNormal">Just wondering, but what is the primary use case for a security manager server side?<o:p></o:p></p></div><div><p class="MsoNormal"><o:p> </o:p></p></div><div><p class="MsoNormal">While the model obviously makes sense for Applets and Webstart where untrusted code is executed on the user's machine, I found it to be extremely rare for a server to run untrusted code. In fact, I don't think I've ever seen this situation.<o:p></o:p></p></div></div></blockquote><p class="MsoNormal">I agree with what you are saying. Unfortunately there are a handful of users/developers/sys-admins who are required to run the JVM under the JSM. Might be corporate policy or compliance etc.<br>Luckily they are a minority. They always pinpoint if there are any particular permission failing under the JSM.<br><br>The JSM was really invented around the applet era and has really not seen any major adaptation/overhaul for the s/w industry growth.<br><br><br><o:p></o:p></p><div><div><p class="MsoNormal"><o:p> </o:p></p></div><div><p class="MsoNormal">There's maybe a case to prevent privilege escalation in case of a legitimate app being hacked, but in practice it doesn't look like a security manager is really being used a lot for that, is it? Instead the default thing to do there seems to be to run the AS under a user with limited rights on the host OS and/or use things like SELinix or Virtual Servers (e.g. XEN) to isolate the complete AS.<o:p></o:p></p></div><div><p class="MsoNormal"><o:p> </o:p></p></div><div><p class="MsoNormal">Kind regards,<o:p></o:p></p></div><div><p class="MsoNormal">Arjan Tijms<o:p></o:p></p></div><div><p class="MsoNormal"><o:p> </o:p></p></div><div><p class="MsoNormal"><o:p> </o:p></p></div><div><p class="MsoNormal"><o:p> </o:p></p></div></div><div><p class="MsoNormal" style="margin-bottom:12.0pt"><o:p> </o:p></p><div><p class="MsoNormal">On Sat, Apr 19, 2014 at 1:53 AM, Jason T. Greene <<a href="mailto:jgreene@redhat.com" target="_blank">jgreene@redhat.com</a>> wrote:<o:p></o:p></p><p class="MsoNormal"><br><br>Sent from my iPhone<o:p></o:p></p><div><p class="MsoNormal" style="margin-bottom:12.0pt"><br>> On Apr 18, 2014, at 5:50 PM, Stuart Douglas <<a href="mailto:stuart.w.douglas@gmail.com">stuart.w.douglas@gmail.com</a>> wrote:<br>><br>><br>> Enabling the security manager by default is a terrible idea.<o:p></o:p></p></div><p class="MsoNormal">+1000<o:p></o:p></p><div><div><p class="MsoNormal">___________<o:p></o:p></p></div></div></div></div><p class="MsoNormal"> <o:p></o:p></p></div>
<blockquote><b>WINCOR NIXDORF International GmbH</b><br>Sitz der Gesellschaft: Paderborn<br>Registergericht Paderborn HRB 3507<br>Geschäftsführer: Eckard Heidloff (Vorsitzender), Dr. Jürgen Wunram (stellv. Vors.), Jens Bohlen, Olaf Heyden<br>Vorsitzender des Aufsichtsrats: Dr. Alexander Dibelius<br>Steuernummer: 339/5884/0020 - Ust-ID Nr.: DE812927716 - WEEE-Reg.-Nr. DE44477193<br><br>Diese E-Mail enthält vertrauliche Informationen.<br>Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben,<br>informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail.<br>Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail ist nicht gestattet.<br><br>This e-mail may contain confidential information.<br>If you are not the intended recipient (or have received this e-mail in error)<br>please notify the sender immediately and destroy this e-mail.<br>Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden.</blockquote>
</div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>wildfly-dev mailing list</span><br><span><a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a></span><br><span><a href="https://lists.jboss.org/mailman/listinfo/wildfly-dev">https://lists.jboss.org/mailman/listinfo/wildfly-dev</a></span></div></blockquote></body></html>