tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: Catalina.policy java.security.AllPermission
Date Thu, 09 May 2013 11:37:02 GMT
chris derham wrote:
>> Maybe the first question should be : why do you want to run this with the
>> Security Manager ?
>> As far as I understand this, the SM only really helps, if otherwise unsecure
>> applications can be deployed within your JVM.  Is that the case, or do you
>> know and control all the applications from the start ?
> 
> Isn't it more like a dog and a muzzle? In theory if you know the dog
> and it is always friendly, there is no need to use one. However if all
> dogs wore muzzles, there would be less dog attacks.
> 
> IMHO security in depth is about making things harder for the bad guys.
> Adding a security manager should do this, if it is configured
> correctly. BTW I am not saying that I actually do this, just that I
> think that everyone should to make it harder for when the bad guys
> break into your app
> 

I agree in the principle.
It's just that - as the OP's problem illustrates - running with SM enabled is a p.i.t.a.,

because 1) it certainly must have an overhead and 2) to do it right, it forces one to 
really know what every application is doing that matters to the SM.  (There isn't really 
any point in enabling the SM, and then giving every application the "AllPermissions" 
permission.)
Security-wise, that is not a bad thing certainly.  At least it forces you to know what 
these things are really doing.  But it is time-consuming, to say the least.

Anyway, it looks like the OP doesn't really have a choice.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message