• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Java Debugger security question

 
Ranch Hand
Posts: 77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have question. I am using java Debugger JDB. I am attaching to the currently running Java process which is preconfigured to listen to the port. so I am using jdb -attach <portnumber>. There seems a security hole when configuring java process to listen to the portnumber. remote debugger can do anything and everything to the process. Is there any way that Java process can be protected with password if we use jdb -attach <portnumber> remotely. Earlier versions of jdb seems to offer an option like "jdb -host -password" but this mechanism doesn't work with jdb packaged with jdk1.5.

Suggestions appreciated.

Thanks,
Ahmed
 
Ranch Hand
Posts: 1970
1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
But surely you only run your Java process with the debugger enabled when you are testing in a development environment, not in production ... do you?
 
Ahmed Basheer
Ranch Hand
Posts: 77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am running Java process with debugger enabled in production. Sun doc says there is no performance impact if we run it with debugger enabled. But there is security hole that I am looking to plug into.

Ahmed.
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Can you configure the router that separates the network segment with the production machines from the rest of the network to not allow traffic on that port? (Or the firewall, if you're concerned about traffic from the outside?)

Less convenient than a password, but also more secure.
 
You totally ruined the moon. You're gonna hafta pay for that you know. This tiny ad agrees:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic