This is an automated email from the ASF dual-hosted git repository.

tbouron pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/brooklyn-server.git


The following commit(s) were added to refs/heads/master by this push:
     new 7266ec2  update comment to note potential vulnerabilities for JmxmpAgent
     new c59b75a  Merge pull request #1088 from geomacy/jmxmp-update-comment
7266ec2 is described below

commit 7266ec2e5ccd9fee163fd5aa8217814b3841b876
Author: Geoff Macartney <geoff.macart...@gmail.com>
AuthorDate: Mon Mar 9 23:32:45 2020 +0000

    update comment to note potential vulnerabilities for JmxmpAgent
---
 .../src/main/java/org/apache/brooklyn/util/jmx/jmxmp/JmxmpAgent.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git 
a/utils/jmx/jmxmp-ssl-agent/src/main/java/org/apache/brooklyn/util/jmx/jmxmp/JmxmpAgent.java
 
b/utils/jmx/jmxmp-ssl-agent/src/main/java/org/apache/brooklyn/util/jmx/jmxmp/JmxmpAgent.java
index 488e7f5..1dccbc4 100644
--- 
a/utils/jmx/jmxmp-ssl-agent/src/main/java/org/apache/brooklyn/util/jmx/jmxmp/JmxmpAgent.java
+++ 
b/utils/jmx/jmxmp-ssl-agent/src/main/java/org/apache/brooklyn/util/jmx/jmxmp/JmxmpAgent.java
@@ -47,8 +47,11 @@ import org.apache.brooklyn.util.jmx.jmxmp.JmxmpAgent;
 
 
 /**
- * This exposes JMX access over JMXMP, suitable for high-security environments,
+ * This exposes JMX access over JMXMP. This is intended to be suitable for 
high-security environments,
  * with support for going through firewalls as well as encrypting and 
authenticating securely.
+ * Note, however, that implementations of JMX/RMI are potentially vulnerable 
to java
+ * deserialization attacks. Users should attend to the security of these 
components in line with their best
+ * practices, and verify that JMXMP is suitable for their requirements before 
using this class.
  * <p>
  * Listens on 11099 unless overridden by system property brooklyn.jmxmp.port.
  * <p>
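
Review bot: the added warning names "JMX/RMI" although this class exposes JMXMP, so the Javadoc does not tell a reader whether the deserialization risk applies to this agent itself. Suggest wording it in terms of JMXMP (or stating that both transports are affected) and saying whether the encryption and authentication mentioned in the preceding sentence change the exposure. "java" should be capitalized as "Java". The phrase "in line with their best practices" gives the user no concrete action; referring to the listener described just below (port 11099, overridable via brooklyn.jmxmp.port) as the endpoint whose reachability should be restricted would make the note actionable.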
