Loading...

XML

Word

Printable

Details

Type: Improvement
Resolution: Fixed
Priority: Minor
Fix Version/s: 5.0
Affects Version/s: None
Component/s: Deploy
Labels:
None

Sprint:
5.0 Milestone1

Verification:

Hide

On devel@kb-prod-udv-001.kb.dk go to the prepared_software/SystemTest directory and run

[devel@kb-prod-udv-001 SystemTest]$ grep security /start
and
[devel@kb-prod-udv-001 SystemTest]$ grep security /start|grep -v BitarchiveApplication
to show that security policy is specified in the Bitarchive apps and nowhere else.

Show
On devel@kb-prod-udv-001.kb.dk go to the prepared_software/SystemTest directory and run [devel@kb-prod-udv-001 SystemTest] $ grep security /start and [devel@kb-prod-udv-001 SystemTest] $ grep security /start |grep -v BitarchiveApplication to show that security policy is specified in the Bitarchive apps and nowhere else.

Description

Currently the java security manager is activated for all applications with a custom security policy definition. Historically the only reason for using a custom security manager in NAS has been to prevent BatchJob injected code from wrecking havoc. As the usage of a security manager causes problem when trying to access files outside of the constrained policy defined in the NAS software, we should avoid using it more than absolutely necessary.

Note that the general usage of a custom security policy has been discussed in the NAS team + Kåre and the agreement is that this policy should at most be applied to the bitarchives, if not being discontinued altogether.

Attachments

Issue Links

was spawned by

NAS-2356 Verify that Java 8 based system works in the test environment

Resolved

Activity

People

Assignee:: Mikis Seth Sørensen (Inactive)

Reporter:: Mikis Seth Sørensen (Inactive)

Watchers:: 1 Start watching this issue

Dates

Created:: 13/Aug/14 1:55 PM

Updated:: 28/Aug/15 2:02 PM

Resolved:: 28/Aug/15 2:02 PM