[wildfly-dev] my 2 cents on Security Manager discussion
Anil Saldhana
Anil.Saldhana at redhat.com
Mon Apr 21 14:35:48 EDT 2014
On 04/18/2014 05:44 PM, Bill Burke wrote:
> Late to the discussion, but this came up in conversations at DevNation.
>
> Are you sure you guys want to fully enable the Java security manager
> going forward? Jboss has been around for, what 14 years now? How many
> users/customers actually desire the Java Security Manager to be on by
> default? Could it be a possibility that the majority of our
> customers/users might freak out if they found that all of a sudden the
> Java Security Manager is on when it has been off the last 14 years?
>
> I don't know. Just seems to me that there is a lot of other cool ideas
> that you guys have been discussing that might be more interesting to
> wildfly's user base.
>
DML, Stefan Guilhen and I had a brainstorming session months ago before
the development of the security manager subsystem in WF8.
This session was mainly to address the permissions.xml requirement in EE7
https://blogs.oracle.com/SecuritEE/entry/java_ee_7_permission_declarations
During this session, we discussed the two options among many other
discussion items:
a) Enable Java Security Manager as default in WF8.
b) Create a custom JSM Policy implementation to replace the one in the JVM.
Both these options were immediately dropped as neither useful nor
necessary for
the WildFly community.
The Java Security Manager redesign happened around JDK 1.2 (applet era)
and has had no
major overhaul in the implementation. One change that may be useful is
the introduction of
a Policy SPI in JDK6:
http://docs.oracle.com/javase/6/docs/api/java/security/PolicySpi.html
JDK8 has limited doPrivileged:
http://openjdk.java.net/projects/jdk8/features#140
I agree with Stuart and Jason that enabling JSM by default is a terrible
idea.
More information about the wildfly-dev
mailing list