[Bug 66125] JMProxy - enhance security restrictions
https://bz.apache.org/bugzilla/show_bug.cgi?id=66125

--- Comment #4 from Tim Funk ---

True - if that is the case - there is this: /manager/status?XML=true which is XML, not JSON. I'd wonder what additional metrics users were interested in that are missing. (As well as whether it's worth it to optionally exclude processes currently being requested.)

--
You are receiving this mail because:
You are the assignee for the bug.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
--- Comment #3 from Mark Thomas ---

If we want to support provision of metrics to unprivileged or minimally privileged users then I think we should consider a mechanism that doesn't involve those users providing the JMX query that gets executed. For example, a new status servlet could be implemented that provides system admin selected metrics in a single page - possibly in JSON format. JMX is likely to be the underlying mechanism used to populate the results and a set of JMX queries could be used to configure it, but all end users would be able to do is request the page.
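The shape of the status page Comment #3 describes, as an added example that is not code from the Tomcat project or from anyone in this thread: the admin-selected JMX queries live in server-side configuration, the only JMX call ever made is a read of an attribute, and the HTTP caller contributes nothing to the query. The class name ConfiguredMetricsPage, the MetricQuery holder and the sample configuration are all constructed for this illustration; a servlet wrapper (not shown) would simply call render() and write the returned string, without reading any request parameter.

```java
// Added example, not Tomcat code: a read-only, admin-configured JMX metrics page.
import java.lang.management.ManagementFactory;
import java.util.List;
import javax.management.JMException;
import javax.management.MBeanServer;
import javax.management.MalformedObjectNameException;
import javax.management.ObjectName;
import javax.management.openmbean.CompositeData;

public class ConfiguredMetricsPage {

    /** One admin-selected query: an ObjectName (patterns allowed) plus the attributes to read. */
    static final class MetricQuery {
        final ObjectName pattern;
        final List<String> attributes;
        MetricQuery(String pattern, String... attributes) throws MalformedObjectNameException {
            this.pattern = new ObjectName(pattern);
            this.attributes = List.of(attributes);
        }
    }

    /** Constructed sample configuration; a deployment would load this from an admin-owned config file. */
    static List<MetricQuery> sampleConfig() throws MalformedObjectNameException {
        return List.of(
            new MetricQuery("java.lang:type=Memory", "HeapMemoryUsage"),
            new MetricQuery("java.lang:type=Threading", "ThreadCount", "PeakThreadCount"),
            new MetricQuery("java.lang:type=GarbageCollector,name=*", "CollectionCount", "CollectionTime"));
    }

    /**
     * Render the configured metrics as a flat JSON object.
     * Only MBeanServer.getAttribute is used: no invoke(), no setAttribute(), and the
     * ObjectNames and attribute names come exclusively from the configuration.
     */
    static String render(MBeanServer server, List<MetricQuery> config) {
        StringBuilder out = new StringBuilder("{");
        boolean first = true;
        for (MetricQuery q : config) {
            for (ObjectName name : server.queryNames(q.pattern, null)) {
                for (String attr : q.attributes) {
                    Object value;
                    try {
                        value = server.getAttribute(name, attr);
                    } catch (JMException | RuntimeException e) {
                        value = null; // report the metric as absent instead of echoing the exception
                    }
                    if (!first) out.append(',');
                    first = false;
                    out.append('"').append(escape(name.getCanonicalName() + "/" + attr)).append("\":");
                    out.append(toJson(value));
                }
            }
        }
        return out.append('}').toString();
    }

    /** Minimal JSON encoding for the value types the JDK platform MBeans return. */
    static String toJson(Object v) {
        if (v == null) return "null";
        if (v instanceof Number || v instanceof Boolean) return v.toString();
        if (v instanceof CompositeData) {
            CompositeData cd = (CompositeData) v;
            StringBuilder sb = new StringBuilder("{");
            boolean first = true;
            for (String key : cd.getCompositeType().keySet()) {
                if (!first) sb.append(',');
                first = false;
                sb.append('"').append(escape(key)).append("\":").append(toJson(cd.get(key)));
            }
            return sb.append('}').toString();
        }
        return "\"" + escape(String.valueOf(v)) + "\"";
    }

    static String escape(String s) {
        return s.replace("\\", "\\\\").replace("\"", "\\\"");
    }

    public static void main(String[] args) throws Exception {
        // Stand-alone run against the JVM's own platform MBeanServer.
        System.out.println(render(ManagementFactory.getPlatformMBeanServer(), sampleConfig()));
    }
}
```

The security property is structural rather than a filter: because render() takes no user input, there is no "op", "get" or "invoke" parameter to validate, and granting a monitoring role access to this page grants nothing else. Widening what the page exposes means an administrator editing the configuration, which is the review point Comment #3 argues for.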
--- Comment #2 from Tim Funk ---

100% agreed. I definitely need to add more to the docs to call this out. For example - in manager-howto.xml - one tweak was to say WARNING instead of NOTE. I was hoping to hit the use case of people using JMXProxy for monitoring, and this is a flexible way to limit usage to the "get" operations as well as limit the scope for what get can see. I wasn't sure if this was an OK approach to limit usage as compared to other possibilities. For example: another approach is moving the "op" query string to a path. In which case it's easier to add different roles in each of those paths. (But this approach would have backwards compatibility challenges.)
--- Comment #1 from Remy Maucherat ---

This enhancement is risky since if there's a problem somehow it will be an immediate RCE CVE (once people start assuming they can safely expose JMX to the world).