[jboss-as7-dev] How hard would it be to support key based auth by default to make life simpler and more secure ?

[Jason Greene]

Sent from my iPhone

On Nov 13, 2011, at 12:50 PM, Max Rydahl Andersen <max.andersen at redhat.com> wrote:

> .Which sounds worse to me than a default locked down to only localhost…but I'm not a security expert :)

Just to answer this one point the problem with the interface being the only security is (as we do this as well)

1) Any user that gets even low privileged access to the box can control the app server, which can be used for privileged escalation as well as all the bad things you can do with full control of an app server.

2) if a user changes the interface address to be anything other than localhost they may not realize the consequences.

If java supported unix domain sockets we could have secured non-auth via file perms at least on UNIX. It does not though. Maybe one day we will do an xnio native unix domain plugin, but until then user/pass seems to be the least resistive option.