karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Guillaume Nodet (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KARAF-3147) Local JMX connect is not possible
Date Wed, 10 Jun 2015 06:58:01 GMT

    [ https://issues.apache.org/jira/browse/KARAF-3147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14580135#comment-14580135
] 

Guillaume Nodet commented on KARAF-3147:
----------------------------------------

I think this is a general security constraint, but simply securing the JMX access does not
fix the issue imho.
In particular, if you have a way to deploy a bundle, you can pretty much do anything you want,
including removing bundles, updating bundles, shutting down the framework, deleting all files,
etc...
Without a security manager in place, there's nothing we can really do.
However, if there's no security manager configured, I don't really see the point of securing
inner JVM calls, so I think any solution should take this into account.

> Local JMX connect is not possible
> ---------------------------------
>
>                 Key: KARAF-3147
>                 URL: https://issues.apache.org/jira/browse/KARAF-3147
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-core
>    Affects Versions: 3.0.1
>         Environment: OS X, JDK 7
>            Reporter: Achim Nierbeck
>            Assignee: Guillaume Nodet
>            Priority: Critical
>             Fix For: 3.0.4, 4.0.0.M3, 2.4.3
>
>
> With neither local process nor with remote jmx connection 
> {code}
> service:jmx:rmi://0.0.0.0:44444/jndi/rmi://0.0.0.0:1099/karaf-root
> {code}
> it's possible to connect to Karaf via JMX. 
> Neither JConsole nor VisualVM is usable. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message