On May 27, 2005, at 8:25 PM, Brian K. Wallace wrote:
...
I'm not a committer, nor have I been more than an observer to what
Geronimo is doing and where it's going - primarily because everything
I've seen has placed it in the JBoss realm. I've used JBoss for
quite a
while and am always amazed at the functionality it has ingrained in it
for which I just have no use. Most of my time spent upgrading is in
finding out how to turn things off that have changed.
Security-wise it is also a nightmare. There is so much stuff running
in the container that I have no idea of. I usually bind the instance
to localhost and do port translation for those TCP/IP services that
need to be exposed, but even then there are still many ways to
connect to it from localhost that could potentially expose
information or give control to unauthorized people.
S.
