PRE-RFR: 8177154: Default configuration should disallow loading agents
Kirk Pepperdine
kirk at kodewerk.com
Thu Mar 30 19:37:52 UTC 2017
Hi Alan,
I have to agree with Mario here. I think a natural reaction would be to configure the JVM to opt-in by default. Otherwise you will break just about every APM/Monitoring tool out there. If opt-in is almost an automatic then you have to question the value of this change.
Kind regards,
Kirk
> On Mar 24, 2017, at 1:43 PM, Mario Torre <neugens at redhat.com> wrote:
>
> On Fri, Mar 24, 2017 at 10:48 AM, Alan Bateman <Alan.Bateman at oracle.com> wrote:
>> On 24/03/2017 09:34, Remi Forax wrote:
>>
>>> :
>>>
>>> One of strong feature that makes choosing Java on server is that you can
>>> attach, at runtime, a monitoring/troubleshooting tool when an event occurs,
>>> please do not send us back to the pre Java 6 world !
>>>
>> This does not send us back to the pre JDK 6. The changes have no impact on
>> the troubleshooting tools and no impact on management tools that use the
>> attach API to start the JMX agent in the running VM. The change is simply to
>> make loading of arbitrary code with the attach API opt-in. On the server
>> then you the launch script can specify the proposed option and tools that
>> are loading agents will not see a difference.
>
> Hello Alan,
>
> This solution feels like a bit of a quick hack to me. Nevertheless, I
> think it should be opt-out, or at least with a configurable default. I
> can see the only reasonable use case where you don't want to have
> external code to plug in but still want to start with a default agent,
> for instance if you want to use byteman with the jvm, but not allow
> anything else to plug in at runtime (byteman or similar tools of
> course).
>
> Cheers,
> Mario
More information about the hotspot-runtime-dev
mailing list