-----Original Message-----
From: David Blevins [mailto:[EMAIL PROTECTED]
Sent: 11 May 2004 12:37
To: [EMAIL PROTECTED]
Subject: Re: Security stuff

On Tue, May 11, 2004 at 01:21:16PM +0200, hbaxmann wrote:
> > > 0. Take the security issue seriously with "class HelloWorld could not be
> > > loaded because of security exception" kind of art using the already existing
> > > java.security and java.policy thingy in conjunction with a signed
> > > org.apache.geronimo.system.main.Daemon geronimo-system-*.jar.
> > >
> >
> > We definitely have these thoughts on our radar and plan on being total
> > security nuts. We'd even like to sign things like our own packaged
> > components which contain all the classes and configs of something
> > Geronimo loads into its container as an actual part of the system.
> >
>
> Mhhhm, there are well known J2EE implementations which are no longer able to
> introduce an AOP-proved security because the whole thing has to be
> "refactored": rewritten. Are there any standardization efforts in inventing
> or using an already existent _identification_mechanism_ for class _instances_ ?
>
> Otherwise IMHO one will end up with a 'turn-one-key-open-all-doors' AOP
> crap.
>
>
>You misunderstood. The tidbit I just mentioned is an additional step for
>distribution security, like PGP signing of tar.gz and zip files on the Apache
>download sites, not a replacement for runtime security. I was just concurring
>and adding that we are not 'one-key-opens-all-doors' kind of thinkers.
>
>
>Security should be a layered onion, not an Achilles heel.

Yes, but at the same time it should be easy to use and configure; added complexity leads to mistakes when people have to configure around your protocols. The onion shouldn't make you cry :-)

Max

>
>
>-David
