stanbol-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reto Bachmann-Gmür <>
Subject Re: [POLL] make "-no-security" the default
Date Fri, 05 Apr 2013 19:56:45 GMT
On Fri, Apr 5, 2013 at 2:36 PM, Rupert Westenthaler <> wrote:

> Including the Security Modules, but with -no-security as default
> (basically by adding an option -enable-security)

So you did not encounter any problem in the stable launcher which has a
security manager but not the authenticating bundles. Good.

> > What's not functioning?
> >
> > *Want To Fix*
> The server was running for some time with security
> enabled. From what I can remember all Engines for remote services
> where failing because they where not allowed to connect to those hosts
> - Zemanta, Calai, Celi, Spotlight.

A quick fix would be about assigning the network connection to the
anonymous user. But if user can execute code this would make it an open
proxy. Another work-around would be a setting "execute enhancer engines as
privileged" so that the discussion could be about enabling this more
specific setting rather than about disabling security alltogether.

> I would also expect the
> FileContentItem implementation (enhancer.core) to fail creating the
> temporary files.

We discussed this. As there is no specific permission for temporary file
this should be done in a privileged code block.

> The EntityDereferencer and EntitySearcher
> implementation of the Entityhub for SPARQL and CoolURI
> ( But there might be additional one -
> especially from other Stanbol Components (e.g. the CMS Adapter might
> be affected)
This issues are exactly the kind of issues the "smoke detector" is for.
Feel free to assign issues to me if something can't be fixed by the module


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message