[jbpm-issues] [JBoss JIRA] Commented: (JBPM-1958) Security issue allows arbitrary java code to be deployed and executed

[ https://jira.jboss.org/jira/browse/JBPM-1958?page=com.atlassian.jira.plug... ] Tom Baeyens commented on JBPM-1958: ----------------------------------- should not be fixed in the designer. this should be fixed by not deploying the process-deployment-servlet in our product packages. i believe this is already the case asindicated by Len in GPD-278 the jbpm project distribution should keep its convenience of deploying through the designer and the servlet. so the only thing that should be done for this issue is make sure that after the SOA platform team switches to the new jbpm 3 branch, that they still keep the exclusion of the servlet in their build of the soa platform. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira