[wildfly-dev] my 2 cents on Security Manager discussion
arjan tijms
arjan.tijms at gmail.com
Wed Apr 23 10:08:28 EDT 2014
Hi,
On Wed, Apr 23, 2014 at 3:38 PM, Bill Burke <bburke at redhat.com> wrote:
> As much as we like to think the app server is an operating system, it
> isn't. The app server isn't a place where untrusted apps run.
>
I'm a big fan of this view. I know that originally the AS may have been
seen as a kind of OS for server apps, but in practice this just hasn't
worked out. The protection model of the OS with its isolating processes is
just much more powerful.
Running a single app per AS gives you better protection, even more if each
AS runs inside its own virtual server (which makes it even easier to limit
the CPU usage of individual apps). Additionally, a lot of problems
associated with updating either the JVM, the entire AS, or one or more
libraries of the AS just go away in the one-app-per-AS setup. Adam Bien
wrote a good article about this:
http://adam-bien.com/roller/abien/entry/why_not_one_application_per
I think Red Hat/JBoss shares the same belief. I mean, why else would
OpenShift use SELinux to isolate apps and not just run a bunch of them on a
single JBoss AS?
Kind regards,
Arjan Tijms
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/wildfly-dev/attachments/20140423/18e2bfd3/attachment.html
More information about the wildfly-dev
mailing list