Of course we can try to secure access to the file system but this is a
really difficult task and can cause a lot of side effects.
After all it will always be necessary to let karaf admins install
bundles and some of these bundle need access to the file system.
I think blocking access on the outer layer like ssh is the easier solution.
Christian
Am 29.05.2012 13:07, schrieb Guillaume Nodet:
That's a fair and valid point. I think this needs to be given some thoughts.
The problem in that case isn't really to secure karaf itself, but
rather the OS file system, which can be used as a gateway to access
the file system and execute commands.
--
Christian Schneider
http://www.liquid-reality.de
Open Source Architect
Talend Application Integration Division http://www.talend.com
