esme-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vassil Dichev <vdic...@apache.org>
Subject Re: Scala interpreter action
Date Mon, 06 Jul 2009 08:24:45 GMT
> Should we remove it completely from the source or should we just
> deactivate it by default?
>
> I agree that I wouldn't activate it in a producticve setting but it
> might be useful while developing.

Granted, this might not be the best way to monitor/debug ESME (e.g. if
memory is so tight the JVM won't be able to create a new interpreter
instance or send a new message). When I implemented the feature I was
actually thinking of Dick's request for making it easier for ESME
newcomers to learn Scala. I've also spent some time thinking about
using ESME in a university and this feature makes a lot of sense in a
classroom.

My point is, I still think it could be made secure with a careful
java.policy file (which a conscientious administrator should use
anyway). David, do you think the Scala interpreter is impossible to
secure or just not worth the effort? Also, what difference would it
make to use Rhino, but not Scala in terms of a secure interpreter? The
Scala interpreter implementation does use a new classloader and even
allows you to override it and implement your own one. Try e.g. "import
org.apache.esme.model.Message" or "import net.liftweb.util.Box".

If the primary concern is trust in a federation, we could make it so a
server is not allowed to participate in a federation if the Scala
interpreter action is enabled.

Cheers,
Vassil

Mime
View raw message