> Should we remove it completely from the source or should we just > deactivate it by default? > > I agree that I wouldn't activate it in a producticve setting but it > might be useful while developing.
Granted, this might not be the best way to monitor/debug ESME (e.g. if memory is so tight the JVM won't be able to create a new interpreter instance or send a new message). When I implemented the feature I was actually thinking of Dick's request for making it easier for ESME newcomers to learn Scala. I've also spent some time thinking about using ESME in a university and this feature makes a lot of sense in a classroom. My point is, I still think it could be made secure with a careful java.policy file (which a conscientious administrator should use anyway). David, do you think the Scala interpreter is impossible to secure or just not worth the effort? Also, what difference would it make to use Rhino, but not Scala in terms of a secure interpreter? The Scala interpreter implementation does use a new classloader and even allows you to override it and implement your own one. Try e.g. "import org.apache.esme.model.Message" or "import net.liftweb.util.Box". If the primary concern is trust in a federation, we could make it so a server is not allowed to participate in a federation if the Scala interpreter action is enabled. Cheers, Vassil
