Re: [jboss-as7-dev] JBAS-9373, need control of what interfaces/ports are bound to
Nope I misread and was wrong; the address is not configurable, it's hard
coded:
return new ServerSocket(port, 0, InetAddress.getByName(null));
Which makes sense, the whole intent of that class is to ensure
uniqueness on the machine and that's impossible if different processes
use different addresses. Finding a better way to do this is a
long-standing issue.
On 4/21/11 12:33 PM, Brian Stansberry wrote:
I have a feeling this is a 1 line fix; give me a minute. It's
pulling
the port from the socket config, just not the address.
On 4/21/11 12:18 PM, Scott Stark wrote:
> I created this bug, now changed to an enhancement request:
> https://issues.jboss.org/browse/JBAS-9373
>
> to deal with the tm layer binding to an anonymous port on the 127.0.0.1
> interface as a means to obtain a system wide unique number. How this is
> done is not exposed via the domain model, and when running in an selinux
> (secured linux) environment we need control over what interfaces/ports
> are bound to, where files are written, etc. to be able to write the
> correct selinux policy.
>
> Do we need, or already have a id service that can be leveraged here? It
> looks like the arjuna Uid class that is used generates a 28 byte/224 bit
> value.
>
> The main issue is that any subsystem has to express what privileged
> resources it is making use of through the domain model.
>
> _______________________________________________
> jboss-as7-dev mailing list
> jboss-as7-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
--
Brian Stansberry
Principal Software Engineer
JBoss by Red Hat