RFR: 8283093: JMX connections should default to using an ObjectInputFilter [v3]
Kevin Walls
kevinw at openjdk.org
Wed Oct 19 17:54:02 UTC 2022
> Set the management.properties "com.sun.management.jmxremote.serial.filter.pattern" value by default, to restrict types that can be deserialized.
>
> Use the example value from the Core Libraries guide (see section 2. Serialization Filtering / Built-in Filters / Filters for JMX), plus Subject which is needed when using authentication.
>
> The sun/management tests run OK with this change. The existing test sun/management/jmxremote/startstop/JMXStartStopTest.java will fail if the filter specified is made too restrictive.
Kevin Walls has updated the pull request incrementally with one additional commit since the last revision:
Additional test with command-line filter setting.
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/10507/files
- new: https://git.openjdk.org/jdk/pull/10507/files/78e5c897..e6940778
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=10507&range=02
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=10507&range=01-02
Stats: 20 lines in 1 file changed: 16 ins; 0 del; 4 mod
Patch: https://git.openjdk.org/jdk/pull/10507.diff
Fetch: git fetch https://git.openjdk.org/jdk pull/10507/head:pull/10507
PR: https://git.openjdk.org/jdk/pull/10507
More information about the serviceability-dev
mailing list