Hi Micael, probably I was unclear. I want to avoid insecure code to being executed. Is it useful to run multiple JVM? If yes how... and so on...
I want to make java hosting for unknown java user code, so I need to take attention on system resources and insecure servlet/jsp code. I like to provide a sort of secure sandbox for running servlet and jsp to external users. What type of restriction I have to make? // my environment is: kernel 2.4 (RedHat o SuSe) OpenSSH (opz. OpenSSL) Apache 1.3 Jakarta Tomcat 3.3, Velocity, Turbine, Ant, ORO .... JDK 1.3 MySQL 3.3 Qmail - Courier IMAP (and other programs like vpopmail .....) thank you Eli At 09.02 03/02/2002 -0800, you wrote: >Not sure of what sort of security you are trying to develop, Eli. Be more >specific. There are lots of available solutions for lots of differing >objectives. For example, do you just want to avoid hackers, people >jumping into the middle of your site, returns to sensitive pages, etc.? > >Micael > >At 06:03 PM 2/3/02 +0100, you wrote: > >>>Hi to all, >>>I need to setup a linux-box to host user application in a safety >>>environment. >>>I already read how to setup a Java SecurityManager. >>>Is this the only attention I have look for? >>> >>>If someone had got experience in hosting solution using Tomcat please >>>send me >>>a guideline to check for common security problem, or a list of url to >>>look for doc. >>>every hints is mostly appreciated. >>> >>>thank you >>>Eli Spizzichino >> >> >> >>-- >>To unsubscribe: <mailto:[EMAIL PROTECTED]> >>For additional commands: <mailto:[EMAIL PROTECTED]> >>Troubles with the list: <mailto:[EMAIL PROTECTED]> > > > >-- >To unsubscribe: <mailto:[EMAIL PROTECTED]> >For additional commands: <mailto:[EMAIL PROTECTED]> >Troubles with the list: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
