On 02/09/2010 17:31, Christopher Schultz wrote:
> Pid,
>
> On 9/2/2010 11:51 AM, Pid wrote:
>>> On 9/2/2010 11:28 AM, Christopher Schultz wrote:
>>>> 1. Use a password entered on the console during start-up (the "Apache httpd strategy")
>
>> java.io.Console makes this easy in Java 6, but...
>
> Right: before Java 6, you'd have to enter the password clear-text on the console. :(
>
>>>> All other strategies simply move the problem to some other component. Protecting one password requires another password which requires protecting which ... you get the idea.
>
>> ..lots of info is available by JMX, once the server is up. In Java 6 you can attach to the process locally, without having to configure the JMX ports because it injects the management agent into the virtual machine.
>
> I hadn't considered that, never having used JMX. Are you saying that anyone with local access can snoop a JVM? What are the strategies available to prohibit that? Can you disable local JMX altogether? How about some kind of authentication?
Pretty much. I'm not sure how to disable it; I've only just got the hang of enabling it.

http://download.oracle.com/javase/6/docs/jdk/api/attach/spec/com/sun/tools/attach/VirtualMachine.html

Also: sun.management.ConnectorAddressLink, but I can't find a javadoc for that.

p

>> Worse, if they're already on your server they've probably got a much bigger surface area to attack, than just Tomcat. And if they get root, it's all over.
>
> +1
>
> -chris

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
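The "console password at start-up" strategy from the thread, written out as an added example (this is not code from either poster or from Tomcat). It assumes Java 6 or later for `System.console()`, and the `KeyStore`-style consumer it hands the secret to is a hypothetical stand-in. The point it adds to the discussion: `java.io.Console` gives you a non-echoing prompt and a `char[]` that can be wiped, but only when a real terminal is attached; a daemon started under an init script has no console, and the fallback has to say so rather than silently echo the password.

```java
import java.io.BufferedReader;
import java.io.Console;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Arrays;

/** Added example: prompt for a start-up secret without echo, keep it as char[], wipe it after use. */
public final class StartupPassword {

    private StartupPassword() {}

    /** Something that needs the secret once at start-up (hypothetical stand-in for KeyStore.load etc.). */
    public interface PasswordConsumer<T> {
        T apply(char[] password) throws Exception;
    }

    /**
     * Reads a password at start-up. With a real console (Java 6+) the input is not echoed.
     * Without one (stdin redirected, process daemonised) pure Java cannot suppress echo,
     * so we read a line from stdin and warn loudly instead of pretending it was hidden.
     */
    public static char[] read(String prompt) throws IOException {
        Console console = System.console();
        if (console != null) {
            char[] pw = console.readPassword("%s", prompt);
            if (pw == null) {
                throw new IOException("end of input while reading password");
            }
            return pw;
        }
        System.err.println("WARNING: no interactive console; reading password from stdin with echo.");
        BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
        String line = in.readLine();
        if (line == null) {
            throw new IOException("end of input while reading password");
        }
        // The String copy is immutable and stays in the heap until collected; only the
        // char[] returned here can be wiped, which is the reason to avoid this path.
        return line.toCharArray();
    }

    /** Hands the secret to the consumer exactly once and zeroes the array whatever happens. */
    public static <T> T use(char[] password, PasswordConsumer<T> consumer) throws Exception {
        try {
            return consumer.apply(password);
        } finally {
            Arrays.fill(password, '\0');
        }
    }

    public static void main(String[] args) throws Exception {
        char[] pw = read("Keystore password: ");
        // Anonymous class rather than a lambda so this compiles on a Java 6 era JDK.
        Integer length = use(pw, new PasswordConsumer<Integer>() {
            public Integer apply(char[] password) {
                return password.length; // a real consumer would open the keystore here
            }
        });
        boolean wiped = true;
        for (char c : pw) {
            wiped &= (c == '\0');
        }
        System.out.println("Accepted password of length " + length + "; buffer wiped: " + wiped);
    }
}
```

Two caveats worth pairing with this. First, wiping the `char[]` only limits how long the secret is visible in a heap dump; anything derived from it (a loaded `KeyStore`, a cached session) is still reachable by whoever can attach to the JVM, which is the thread's real concern. Second, on the question of disabling local attach: HotSpot accepts `-XX:+DisableAttachMechanism`, which makes the JVM refuse dynamic attach from tools using the API linked above. That switch is not mentioned in the thread; it is a defender-side option to check against your own JDK's documentation.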