On 04/19/2014 12:43 PM, arjan tijms wrote:
Hi,
Just wondering, but what is the primary use case for a security
manager server side?
While the model obviously makes sense for Applets and Webstart where
untrusted code is executed on the user's machine, I found it to be
extremely rare for a server to run untrusted code. In fact, I don't
think I've ever seen this situation.
I agree with what you are saying.
Unfortunately there are a handful of
users/developers/sys-admins who are required to run the JVM under the
JSM. Might be corporate policy or compliance etc.
Luckily they are a minority. They always pinpoint if there are any
particular permission failing under the JSM.
The JSM was really invented around the applet era and has really not
seen any major adaptation/overhaul for the s/w industry growth.
There's maybe a case to prevent privilege escalation in case of a
legitimate app being hacked, but in practice it doesn't look like a
security manager is really being used a lot for that, is it? Instead
the default thing to do there seems to be to run the AS under a user
with limited rights on the host OS and/or use things like SELinix or
Virtual Servers (e.g. XEN) to isolate the complete AS.
Kind regards,
Arjan Tijms
On Sat, Apr 19, 2014 at 1:53 AM, Jason T. Greene <jgreene(a)redhat.com
<mailto:jgreene@redhat.com>> wrote:
Sent from my iPhone
> On Apr 18, 2014, at 5:50 PM, Stuart Douglas
<stuart.w.douglas(a)gmail.com <mailto:stuart.w.douglas@gmail.com>>
wrote:
>
>
> Enabling the security manager by default is a terrible idea.
+1000
___________