[Bug 253691] Review Request: java-1.7.0-icedtea - IcedTea runtime and development environments
bugzilla at redhat.com
bugzilla at redhat.com
Fri Aug 24 10:33:13 UTC 2007
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: java-1.7.0-icedtea - IcedTea runtime and development environments
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=253691
------- Additional Comments From k.georgiou at imperial.ac.uk 2007-08-24 06:33 EST -------
(In reply to comment #16)
> What about just restricting all ports in the default configuration? I put
> java-rmi.cgi in its own subpackage so that it is completely optional, and to
> isolate the cgibindir requirement. Other options would be to move the script to
> the demo subpackage or just not include it in the IcedTea packages.
It got dropped from windows at 1.1
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6512052
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4418631 and nobody really
cared so I don't think it will be missed here either.
> Is the java-rmi.cgi script actually deployed frequently, or is it just meant as
> a demo for system administrators? The comments seem to suggest that it's useful
> in practice and not just a demo. If it's actually deployed frequently, I'd like
> to keep the subpackage + cgibindir requirement + all ports locked down. This
> minimizes the fiddling needed to get the script working while still providing
> out-of-the-box security. On the other hand, if java-rmi.cgi is just a toy then
> it should go in the demo subpackage and we can drop the cgibindir requirement in
> favour of a README.
I never had to deploy it but I don't have any rmi programs either. I suspect
that anyone that needs rmi will try to open the firewall ports first and if for
some reason it's not possible and the proxy is required they will go for the
servlet version instead of the cgi. It's best to ask around for someone that
uses rmi just to make sure though.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the package-review
mailing list