Unfortunately, I think that I am forced to use the SecurityManager because
we have an ISP environment.  Currently it is possible for a JSP page to read
any file on the server with file.io.  We run hosts within their own JVMs,
which prevents some malicious code like shutting down resin, but it doesn't
prevent a person from viewing any file on the server.  Also because we run
in an ISP environment, malicious file reading with DB passwords, etc. can be
very bad.


I have seen that with Tomcat, it can be jailed with chroot on Solaris.  But,
even if I chroot Resin, I think that the Resin folder will need to be
contained within the chroot, and hence the resin.conf with DB passwords,
etc.  Or, I can create a different chroot directory for each host.  Or I can
CHROOT resin and then run each JVM as a different user which would prevent
unauthorized file access.  I am just not sure that this would provide a good
layer of security.


If you can suggest the best way to run securely in an ISP environment,
without using the security-manager, I'd love that.  But I think that I am
currently forced to use it based on our requirements.


A great future enhancement would be to by default "lock each host" into its
own folder.  Windows makes this the default and really easy and it is a great
feature.  I think that it is the more common situation even when resin runs
on a dedicated server.  I think a rarer occasion would be where a website
would need to access the /etc/hosts file or even /resin/conf/resin.conf file
using file.io.  It is good to have the flexibility, but I think it would be
best to be segregated by default.  This may be a feature that can be added that
would differentiate the Resin product over other Java servers.





Sent: Thursday, January 31, 2008 1:22 PM
To: General Discussion for the Resin application server
Subject: Re: [Resin-interest] Security-Manager Performance


The SecurityManager is horrible for performance.

That's why we don't recommend enabling it unless absolutely necessary. :-)

-- Scott

"Mktg. Incorporate Fast" <[EMAIL PROTECTED]> wrote:



I am deploying Resin with the <security-manager/> tag in an ISP environment.
I am seeing a degradation in performance over not using the security
manager.  I am not sure how to combat this, and make it run better.  I have
been yahooing for answers but can't find any good ones.   Any suggestions
are highly appreciated.


What I am seeing is that with each webpage request the server load-average
continues to climb on Solaris.  It does eventually drop, but it does take
some time.  This is on a development server that only has one host, and only
me clicking onto pages.  So I can't imagine what will happen when deployed
to a production server.  It does not seem to be possible.


Are there any ways to tune the JVM to optimize the <security-manager/>?



resin-interest mailing list

