• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Liutauras Vilda
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Saloon Keepers:
  • Scott Selikoff
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
  • Frits Walraven
Bartenders:
  • Stephan van Hulst
  • Carey Brown

Java Debugger security question

 
Ranch Hand
Posts: 77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have question. I am using java Debugger JDB. I am attaching to the currently running Java process which is preconfigured to listen to the port. so I am using jdb -attach <portnumber>. There seems a security hole when configuring java process to listen to the portnumber. remote debugger can do anything and everything to the process. Is there any way that Java process can be protected with password if we use jdb -attach <portnumber> remotely. Earlier versions of jdb seems to offer an option like "jdb -host -password" but this mechanism doesn't work with jdb packaged with jdk1.5.

Suggestions appreciated.

Thanks,
Ahmed
 
Ranch Hand
Posts: 1970
1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
But surely you only run your Java process with the debugger enabled when you are testing in a development environment, not in production ... do you?
 
Ahmed Basheer
Ranch Hand
Posts: 77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am running Java process with debugger enabled in production. Sun doc says there is no performance impact if we run it with debugger enabled. But there is security hole that I am looking to plug into.

Ahmed.
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Can you configure the router that separates the network segment with the production machines from the rest of the network to not allow traffic on that port? (Or the firewall, if you're concerned about traffic from the outside?)

Less convenient than a password, but also more secure.
 
WARNING! Do not activate jet boots indoors or you will see a tiny ad:
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic