> On Tue, May 11, 2004 at 01:21:16PM +0200, hbaxmann wrote:
> > > > 0. Take the security issue seriously with "class HelloWorld could not be
> > > > loaded because of security exception" kind of art using the already existing
> > > > java.security and java.policy thingy in conjunction with a signed
> > > > org.apache.geronimo.system.main.Daemon geronimo-system-*.jar.
> > > >
> > >
> > > We definitely have these thoughts on our radar and plan on being total
> > > security nuts. We'd even like to sign things like our own packaged
> > > components which contain all the classes and configs of something
> > > Geronimo loads into its container as an actual part of the system.
> > >
> >
> > Mhhhm, there are well known J2EE implementations which are no longer able to
> > introduce an AOP-proved security because the whole thing has to be
> > "refactored": rewritten. Are there any standardization efforts in inventing
> > or using an already existent _identification_mechanism_ for class _instances_ ?
> >
> > Otherwise IMHO one will end up with a 'turn-one-key-open-all-doors' AOP
> > crap.
>
> You misunderstood. The tidbit I just mentioned is an
> additional step for distribution security, like PGP signing
> of tar.gz and zip files on the Apache download sites, not a
> replacement for runtime security.

Uhu, now I understood. But regarding the runtime security: it doesn't exist at all in the default config of the JVM, does it? Agreed?

> I was just concurring and
> adding that we are not 'one-key-opens-all-doors' kind of thinkers.

That's why I'm posting here. Please accept my apologies. This is caused by a misunderstanding on my side, sorry for my bad English writing and reading and understanding - I never ever thought of something near this about you.

> Security should be a layered onion, not an Achilles heel.

Yeap, my questions are about the most inner skin of the onion.

bax
