2 Replies Latest reply on Oct 8, 2003 3:33 PM by Peter Davies

    Multi-homed/Multi-user environment

    Tim Newbie

      Hi,

      I run my own server and I rent out web space. I would like to allow each user to have Full J2ee capabilities.

      The server is no super computer so I was hopping to only have one instance of JBoss running.

      The only way I can see to do this is to create a directory such as .ear in the jboss deploy directory. Then link it to a webapp directory in the users home directory.

      Has anyone come up with a better way?

      Are there any security implications that I have missed?

      Tim..

        • 1. Re: Multi-homed/Multi-user environment
          Raja Master

          Try Something like this.
          Have the core Jboss in ur server machine and let each user have a config on their home directories.

          Check this link out.
          http://www.jboss.org/modules/bb/index.html?module=bb&op=viewtopic&t=

          • 2. Re: Multi-homed/Multi-user environment
            Peter Davies Newbie

            From a security perspective, allowing multiple untrusted users to execute generic code inside a single JVM is NOT a good idea. While your symlink idea will work, each user would be able to execute any code they write with the same privs as the owner of the JBoss process. As such, I can easily drop in a war file that maps one of your server directories to a URL. If the server process owner has write permission in that directory, I can allow put and delete http commands to modify files. I can also exec anything that the server process owner can exec. You can lock it down somewhat with the conf/server.policy file. However, you still would not be able to protect users from each other. There are lots of exploits I can envision here. JBoss is not really designed to be a multi-user OS (yet anyway).