From: Carlos Q. <car...@ge...> - 2002-01-31 09:46:28
>Hi,

Hi

Let's continue this discussion

>
>> > If you serialize the filter it is uploaded to the agent, yes.
>>
>> My scenario is with the agent running in some server and the client
>> (Let's say a swing app) writes the filter above and adds a listener.
>> Then the listener will be serialized and sent to the agent.
>
>Of course not!
>If the listener is run in the server, how can the swing app be notified
>of events?
>The listener is always remote (from server point of view), and runs in
>the client.

Then you have a MBeanServer on the client side where you set a listener
listening for events where? On the local MBeans or the RemoteMBeans?
In the latter case the events are produced on the server and the question is
whether to filter them on the server or on the client.
Am I clear?

<snip>

>No, the server already has it. It will be a pain to force the clients to
>do all the above.
>I set up a better implementation, client needs to do nothing :)
>
>> If
>> you don't allow this then the code has to be introduced beforehand and
>> is therefore trusted. Maybe you could clarify this but I think this
>> scenario always calls for a security manager
>
>Not necessarily, see above.
>We serialize known and trusted classes, client code is transparent. The
>proxy pattern.

Doesn't this problem extend to the MLet service? It is actually downloading
jars and executing foreign code. My vision is that this ALWAYS calls for a
SecurityManager. Or maybe MLet code should be run in a sandbox.

>
>> My point is that this problem is much broader than only the
>> filter. You
>> could upload a MBean which does something similar
>
>Yes, the problem is broader. Once you add adaptors, you need the Agent
>run under security manager, since by design you can create MBeans from a
>client.

Again, to create MBeans remotely you need to have the class definition on the
server either beforehand (Then it can be considered trusted) or later via MLet,
in which case there should be a protection. Of course you can assume that if
somebody can create MLets in the server then the access is controlled and
trusted.

>
>I just wanted here to know the opinion on filters, but the security
>issue must be faced.
>Fortunately I know something about it :)

Good ;-)
Perhaps you should take a closer look at the Http/SSL Adapters, there may be
risks there too.

>
>Simon
>