activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lionel Cons <lionel.c...@cern.ch>
Subject Re: Security of the management interface
Date Mon, 30 May 2011 13:15:35 GMT
Hiram Chirino writes:
 > Now if you access:
 > /broker/config
 > That gives you the raw configuration file as it exists on disk without
 > any variable substitution performed.
 > 
 > So if you store passwords in the file, then they will get
 > transmitted.

Hiram,

I have the feeling that other parts of the configuration file can also
be sensitive. The <acl> elements for instance can tell you who can do
what on the broker.

IMHO, the access to the broker configuration as a whole is sentive
enough to deserve a dedicated element controlling its authorization.

Cheers,

Lionel

Mime
View raw message