On 01/10/2010 19:32, Rainer Jung wrote:
> Should we remove the following attributes from the respective mbeans?
>
> - "shutdown" from "Catalina:type=Server"
> - "keyPass" from "Catalina:type=ProtocolHandler,port=8080"
> - "password" from "User"
> - "connectionPassword" from "JDBCRealm"
> - "password" for a DataSource (?)

I'd say no. I've always viewed JMX as a 'root' equivalent management interface. JMX access is appropriately locked down by default.

> Or at least allow to drop them from a jmxproxy query (e.g.
> qry=*:*&filter=nopass).

I can see more of an argument for this although I'm not sure how easy it would be to do. My view on whether or not this should be done will be highly dependent on how maintainable the code is.

> Of course it is likely that people having access to JMX are already
> powerful enough to do harm.

+1

> On the other hand at least exports via
> jmxproxy are not too unlikely to get passed outside for troubleshooting.

You'd hope :). There is potentially a wider audience though.

> Is anyone aware of more of those?

JNDIRealm connectionPassword
Connector secret
and probably a bunch of others. I didn't look too hard.

> What about user names for the cases where they also exist?

Strictly, yes.

Keeping the setter but providing alternative getters for JMX that return "*****" may be an option as well.

Mark
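
The thread's concern about jmxproxy exports being passed outside for troubleshooting can also be handled after the fact by masking the named attributes in a saved dump. The following is an added example, not part of the original message and not Tomcat code. It assumes the jmxproxy text output consists of "Name: <ObjectName>" blocks followed by "attribute: value" lines, and the sample dump and its values are constructed.

```python
import re

# Attribute names mentioned in the thread; compared case-insensitively.
SENSITIVE = {"shutdown", "keypass", "password", "connectionpassword", "secret"}
MASK = "*****"

# Assumed line shape: "attribute: value" (the value may be empty).
ATTR_LINE = re.compile(r"^([^:\s]+):(?: (.*))?$")

# Constructed sample of a saved jmxproxy dump (values are made up).
SAMPLE = """OK - Number of results: 2

Name: Catalina:type=Server
port: 8005
shutdown: SHUTDOWN

Name: Catalina:type=ProtocolHandler,port=8080
keyPass: changeit
port: 8080
"""


def redact(dump):
    """Mask sensitive attribute values.

    Returns (redacted_text, hits) where hits lists (mbean, attribute)
    for every masked line, so the redaction can be reviewed.
    """
    out, hits, mbean = [], [], None
    for line in dump.splitlines():
        m = ATTR_LINE.match(line)
        if m:
            name = m.group(1)
            if name == "Name":
                # Start of a new MBean block; remember it for the report.
                mbean = m.group(2)
            elif name.lower() in SENSITIVE:
                hits.append((mbean, name))
                line = f"{name}: {MASK}"
        out.append(line)
    return "\n".join(out), hits


if __name__ == "__main__":
    text, masked = redact(SAMPLE)
    print(text)
    for bean, attr in masked:
        print(f"masked {attr} on {bean}")
```

Multi-line attribute values are not handled; only the first line of a value is masked.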