> If port blocking can do everything, why do we need to set up a secret key?

You don't need to set up the secret key. You can just as easily disable it.

> Let's assume there are two groups of people sharing the same server. If we
> can use two JServs, we can start the two JServs manually with different user
> IDs, let's say jserv1 and jserv2. Then we can set up the permissions of
> resources which are private to group1 to be 600 and make them owned by jserv1.
> Thus only servlets run by the JServ with uid 'jserv1' can read those
> resources.

Ok. That is a valid concern and configuration.

> However, giving the two JServs the same secret key may cause some
> security problems. That's why I ask this question.

The secret key is used in order for the httpd process to authenticate a
connection to the jserv process. Say that one user attempts to authenticate
to another user's jserv process (essentially that user is imitating the httpd
process) and is able to establish a connection. That user would also need to
know the inside workings of the servlet being executed as well. I know this
is security through obscurity, but in this case, it seems very unlikely that
someone would be able to pull this off. Especially without access to the
servlet internals. I personally think you should be more concerned with
those users hacking root on your box more than worrying about this part of
Apache JServ's security.

Regardless, you have the source code. If you want to increase the security
by adding the ability to have multiple key files, please feel free. We would
love to benefit from your contributions.

P.S. Re: my *complete* message...it was said with a big fat smile. I'm sorry
that some people might not understand that humor.

-jon
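
The shared-key concern from the quoted question, as an added example that is not part of the original message and is not Apache JServ's code. A generic HMAC-SHA256 challenge-response stands in for the secret-key check (the thread does not show the real wire protocol), and `Backend`, `respond`, `can_connect`, `demo` and the instance names are hypothetical.

```python
import hashlib
import hmac
import os


class Backend:
    """Stand-in for one servlet-engine instance holding a secret key (hypothetical)."""

    def __init__(self, name: str, key: bytes):
        self.name = name
        self._key = key
        self._pending = None

    def challenge(self) -> bytes:
        # Fresh random challenge per connection, so an old response cannot be replayed.
        self._pending = os.urandom(16)
        return self._pending

    def accept(self, response: bytes) -> bool:
        if self._pending is None:
            return False
        expected = hmac.new(self._key, self._pending, hashlib.sha256).digest()
        self._pending = None  # one attempt per challenge
        return hmac.compare_digest(expected, response)


def respond(key: bytes, challenge: bytes) -> bytes:
    """What a front end holding `key` sends back for `challenge`."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


def can_connect(client_key: bytes, backend: Backend) -> bool:
    return backend.accept(respond(client_key, backend.challenge()))


def demo() -> dict:
    # Constructed keys; in a deployment each would live in a mode-600 key file.
    shared = os.urandom(32)
    key1, key2 = os.urandom(32), os.urandom(32)
    return {
        # One key for both groups: group 1's key also opens group 2's instance.
        "shared_cross": can_connect(shared, Backend("jserv2", shared)),
        # One key per instance: group 1's key is rejected by group 2's instance,
        "separate_cross": can_connect(key1, Backend("jserv2", key2)),
        # while group 2's own front end is still accepted.
        "separate_own": can_connect(key2, Backend("jserv2", key2)),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```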

