Maybe it is the right moment to remind you of my idea that codebase
annotations could be objects treated exactly the same as service proxies
and verified with TrustVerifiers. Wouldn't it solve the problem?
Michal
On 2013-05-01 11:42, Peter Firmstone wrote:
Hmm, yes we actually need to completely avoid Serialization and RMI
until we've authenticated the remote end, I've been thinking about
developing a ServiceLocator, that can be constructed from a string,
that isn't serializable, but allows a service connection to be
authenticated, prior to downloading a service proxy.
A lookup service could return ServiceLocator's instead of Proxy's.
On 1/05/2013 5:52 AM, Gregg Wonderly wrote:
It's interesting, that after all of these years of remote codebase
loading and all the associated security risks being openly discussed
and Sun's Jini team trying to address those, with no support for the
larger community (JSRs voted down), that this statement appears at
the end of the announcement.
"Caution: Running a system with the java.rmi.server.useCodebaseOnly
property set to false is not recommended, as it may allow the loading
and execution of untrusted code."
Really? How could that be a problem? And is it really something that
is only being realized now?
Gregg Wonderly
On Apr 30, 2013, at 6:53 AM, Dennis Reedy<dennis.re...@gmail.com> wrote:
FYI, this caused grief yesterday on my project. Some of the team had
updated Java to JDK 7 Update 21. With this update the following
change has been made:
The RMI property java.rmi.server.useCodebaseOnly is set to true by
default. In earlier releases, the default value was false.
More detail here:
http://docs.oracle.com/javase/7/docs/technotes/guides/rmi/enhancements-7.html
The simple fix for us is to set -Djava.rmi.server.useCodebaseOnly=false
HTH
Dennis
--
Michał Kłeczek
XPro Quality Matters
http://www.xpro.biz
