Hearing no objections, and finding yet more reasons to do so, I'm moving
ahead with this. The security manager will be enabled at boot by giving
the -secmgr flag to the startup script. The security manager subsystem
will configure permissions only.

On 09/26/2014 10:53 AM, David M. Lloyd wrote:
At present in WildFly upstream, the security manager is only installed
when the security manager subsystem installation commences, leading to
PRs like this one [1] being rejected. However, feedback from various
quarters indicates that this relatively late installation may not be
acceptable for a couple different reasons. The current EAP version
supports using the -secmgr flag to the start scripts to tell the
bootstrap to install the security manager via jboss-modules' discovery
process, which happens at the very beginning of process start.
I'm thinking maybe we should bring this functionality forward, resurrect
#175, and modify the security manager subsystem to attach to the
currently installed security manager. This is also more friendly to
embedded processes; we should support (for example) permission
specification in deployments even if we don't directly control the
security manager. This also allows the security manager subsystem to
run even if no security manager is installed, so validation of
permissions.xml (for example) will still take place.
Thoughts?
[1] https://github.com/wildfly/wildfly-core/pull/175
--
- DML