[jira] [Commented] (OWB-1027) Use Apache Commons Weaver's privilizer module for privileged action code in OWB

Wed, 12 Nov 2014 14:03:13 -0800 

    [ 
https://issues.apache.org/jira/browse/OWB-1027?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14208782#comment-14208782
 ] 

Matt Benson commented on OWB-1027:
----------------------------------

The point is not how useful the {{SecurityManager}} is or is not but rather 
that when we provide implementations of Java EE specifications we have to 
assume that some users may want to use the {{SecurityManager}} even if we think 
it is completely broken and useless. If we provide {{public}} objects with 
{{public}} methods that do privileged things, those are openings whereby third 
party code can do things that the deployment policy didn't intend for that code 
to be able to do, using OWB's privileges. This is the problem privilizer 
addresses; there is no point in using it in the context of a centralized 
{{SecurityService}} implementation because the vulnerability remains. To your 
other requirements:

* weaver/privilizer adds no runtime dependencies
* debugging is currently not possible on privilized code; in theory it might be 
possible to _partially_ support debugging in the future.


> Use Apache Commons Weaver's privilizer module for privileged action code in 
> OWB
> -------------------------------------------------------------------------------
>
>                 Key: OWB-1027
>                 URL: https://issues.apache.org/jira/browse/OWB-1027
>             Project: OpenWebBeans
>          Issue Type: Task
>    Affects Versions: 1.5.0
>            Reporter: Matt Benson
>
> See 
> [http://commons.apache.org/proper/commons-weaver/commons-weaver-modules-parent/commons-weaver-privilizer-parent/index.html];
>  this code was intended for helping Apache JEE components use the 
> {{SecurityManager}} in such a fashion as to make the invocation of privileged 
> actions as transparent as possible.
> A concern is that to make full use of the privilizer module's potential, 
> OWB's {{SecurityService}} notion would IMO best be removed entirely to 
> minimize the surface area of publicly accessible code that makes privileged 
> calls. Since this interface and its implementations, as well as the 
> {{deprecated SecurityUtil}} class, are {{public}}, this constitutes a break 
> in API compatibility and forces the community to think about if, when, and 
> how to upgrade OWB to v2.x .



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to