Rick Hillegas wrote:
> It seems to me a sysadmin needs our system privileges because she wants
> to prevent malicious shutdown (shutdownEngine privilege) and resource
> hogging (createDatabase privilege). I suspect that she also wants to
> control malicious shutdown via unauthorized calls to System.exit() and
> resource hogging via unauthorized use of java.io classes. For instance,
> she needs to prevent the following:
A lot of systems will not have any externally installed java code, and
will not consider your case to be an issue. For many such systems,
the main concern is not malicious users, but things happening by
accident. Examples:
- Someone uses the default (or mistypes the) port number and shuts down
the wrong engine.
- Someone ports an embedded application to client/server and does not
remove the shutdown call.
For systems in this category, using policy files seems like an
unnecessary overhead.
--
Øystein
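As an added illustration of the System.exit() case Rick raises (this is not code from the Derby project or from either author; the class name ExitGuard and the helper runAuthorizedShutdown are names chosen here), the following shows what the Java SecurityManager actually does with an unauthorized exit: the call becomes a SecurityException instead of a JVM shutdown. With a policy file the same decision is driven by whether the calling code base is granted `permission java.lang.RuntimePermission "exitVM";`; the custom manager below makes the decision inline so the demo runs without a policy file.

```java
import java.security.Permission;

/**
 * Added example, not Derby code: a SecurityManager that turns any
 * System.exit() outside a designated shutdown path into a SecurityException.
 * Under the stock SecurityManager the equivalent control is the presence or
 * absence of
 *   permission java.lang.RuntimePermission "exitVM";
 * for the calling code base in the policy file.
 */
public class ExitGuard extends SecurityManager {

    // Hypothetical mechanism for this demo: a per-thread flag that marks the
    // one code path that is allowed to stop the JVM.
    private static final ThreadLocal<Boolean> SHUTDOWN_ALLOWED =
            ThreadLocal.withInitial(() -> Boolean.FALSE);

    // Runtime.exit() consults this before halting the VM.
    @Override
    public void checkExit(int status) {
        if (!SHUTDOWN_ALLOWED.get()) {
            throw new SecurityException(
                    "System.exit(" + status + ") is not permitted from this code path");
        }
    }

    // Permit everything else so the demo needs no policy file. A real
    // deployment would call super.checkPermission(perm) and grant the
    // required permissions in the policy file instead.
    @Override
    public void checkPermission(Permission perm) {
    }

    @Override
    public void checkPermission(Permission perm, Object context) {
    }

    /** Runs r with JVM exit permitted, then revokes the permission again. */
    public static void runAuthorizedShutdown(Runnable r) {
        SHUTDOWN_ALLOWED.set(Boolean.TRUE);
        try {
            r.run();
        } finally {
            SHUTDOWN_ALLOWED.set(Boolean.FALSE);
        }
    }

    public static void main(String[] args) {
        System.setSecurityManager(new ExitGuard());

        // 1. An accidental or unauthorized exit from ordinary application code
        //    (for instance a shutdown call left over from embedded mode).
        try {
            System.exit(0);
            System.out.println("not reached");
        } catch (SecurityException e) {
            System.out.println("blocked: " + e.getMessage());
        }

        // 2. The designated administrative shutdown path still stops the JVM.
        runAuthorizedShutdown(() -> {
            System.out.println("authorized shutdown, exiting");
            System.exit(0);
        });
    }
}
```

Run it with `java ExitGuard`. Note that SecurityManager is deprecated for removal since Java 17, and from JDK 18 onward `System.setSecurityManager` throws UnsupportedOperationException unless the JVM is started with `-Djava.security.manager=allow`; on the JDK 1.4 to 6 releases Derby targeted at the time of this thread no such flag is needed.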