Hi,

Just want to throw in my other cent:

The Java Security Manager also makes a lot of sense on the server side when you are building component-based software and want, for instance, to ensure that some components are eligible to access some data and others are not.

If you can ensure that most components are not able to access certain sensitive data, then you can skip them in security audits, and that's a great win!

Java's visibility is not capable of handling this.

Kind regards,

Robert

 

From: wildfly-dev-bounces@lists.jboss.org [mailto:wildfly-dev-bounces@lists.jboss.org] On Behalf Of Anil Saldhana
Sent: Monday, April 21, 2014 8:29 PM
To: wildfly-dev@lists.jboss.org
Subject: Re: [wildfly-dev] my 2 cents on Security Manager discussion

On 04/19/2014 12:43 PM, arjan tijms wrote:

> Hi,
>
> Just wondering, but what is the primary use case for a security manager server side?
>
> While the model obviously makes sense for Applets and Webstart where untrusted code is executed on the user's machine, I found it to be extremely rare for a server to run untrusted code. In fact, I don't think I've ever seen this situation.

I agree with what you are saying. Unfortunately there are a handful of users/developers/sys-admins who are required to run the JVM under the JSM. Might be corporate policy or compliance etc.
Luckily they are a minority. They always pinpoint if there are any particular permissions failing under the JSM.

The JSM was really invented around the applet era and has really not seen any major adaptation/overhaul for the s/w industry growth.


 

> There's maybe a case to prevent privilege escalation in case of a legitimate app being hacked, but in practice it doesn't look like a security manager is really being used a lot for that, is it? Instead the default thing to do there seems to be to run the AS under a user with limited rights on the host OS and/or use things like SELinux or Virtual Servers (e.g. XEN) to isolate the complete AS.
>
> Kind regards,
>
> Arjan Tijms

On Sat, Apr 19, 2014 at 1:53 AM, Jason T. Greene <jgreene@redhat.com> wrote:



> On Apr 18, 2014, at 5:50 PM, Stuart Douglas <stuart.w.douglas@gmail.com> wrote:
>
>
> Enabling the security manager by default is a terrible idea.

+1000
