Bernd
Hi,
I am writing a small database-like application that allows
distributed clients to exchange some information.
I decided to use RMI for the network communication part,
mainly because I wanted to learn it, and secondly,
because it seemed to be quite an elegant way to do this.
But I am still having trouble understanding some aspects of
the RMISecurityManager (despite my reading of the documentation
and this newsgroup (well, ok, brief reading, but nonetheless)).
1) My application does not have to download classes, all are
locally available, so I did not install a security manager.
Is that an unwise decision? What are possible dangers?
2) Let's say I would install RMISecurityManager. I know a bit about how to
grant rights with a policy file, but:
Am I right to assume that in order to grant different rights to
local classes and downloaded ones, I have to use the "codebase"
option in my policy file (for example set all rights for local
classes, none or only very few for downloaded ones)? Are there
security issues with this approach that I should know about?
Thanks for your help and greetings
Bernd