Magnus Stenman wrote:
> Yes,
> we're adding support for setuid after the HTTP server-sockets have been
> connected, this disables the ability to add new sites on a live server among
> other things though but works for some stuff. Also note that we see java
> security as more important (but will of course support setuid for paranoid
> (not necessarily a bad thing ;) admins who only trust their OS and not
> java). But talking purely technically we see "java -jar orion.jar -secure"
> as a more important (and resulting in better security) thing to support,
> it's experimental right now so if you have any problems using it please send
> us a mail describing the problem. Java(2) security is a lot more fine
> grained/tuneable, simply a fresher/better arch but that said one doesn't
> exclude the other, so using -Dnative.user=myOrionUser (will be added to the
> next jar, working on .so's/components for some of the popular platforms)
> and -secure at the same time is a very feasible way to go. (-secure alone is
> a lot nicer to use though when you're dealing with a multi-user site with
> apps owned by several users etc).
>
> /Magnus Stenman, the Orion team
>
> PS. The startup servlet is certainly possible, yes, this approach is
> currently used by a few deployed systems such as for instance
> http://www.vpro.nl.
>
Just to add for the 100% paranoid a good 'fix' is also to just leave all your
java code running on a high port so no tricks are needed and use something
like squid (proxy) or a 'plug' from the tis firewall kit to map to the
webserver.
Greetings,
Daniel Ockeloen
Submarine.nl (ex vpro).
www.mmbase.org