From: Steve L. (JIRA) <ji...@sm...> - 2008-06-05 16:09:48
|
[ http://jira.smartfrog.org/jira/browse/SFOS-879?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=11102#action_11102 ] Steve Loughran commented on SFOS-879: ------------------------------------- In the RPMs, the signedLib is reduced to a symbolic link to lib/ ; there is no more separate signedLib, and the classpath remains unchanged. > Security: remove signedLib; all the JARs in lib/ are to be signed instead > ------------------------------------------------------------------------- > > Key: SFOS-879 > URL: http://jira.smartfrog.org/jira/browse/SFOS-879 > Project: SmartFrog > Issue Type: Improvement > Components: .sfCore > Affects Versions: 3.12.038 > Reporter: Steve Loughran > Assignee: Steve Loughran > > I'm proposing this as an alternative to the current approach of having a separate lib of signed JARs. > There are avantages/disadvantates > signed JARS in lib/ : no need for separate path setup in secure mode, documentation simpler; everything that grabs the classpath works, and no way to start SF with unsigned JARs > signed JARs in signedLib/ : makes the RPM creation of signed libs very complex > Proposed: > -signing updates the JARs in Situ > -all scripts remove references to signedLib > -docs are updated > -everything gets tested thoroughly -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.smartfrog.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira |