Your thoughts about the Java security policy in IBM Domino

Monday, March 31, 2014 at 8:40 PM UTC

This evening I faced "problems" with Domino and it's Java security policy (again). They were "tightened up" in 8.5.2 to prevent malicious code to be executed within the JVM - so far so good. But: if I imagine to execute Lotusscript code in an agent that an admin signed to be run on the server I may be able to do also harmful things on the platform - even file access. The Java policy prevents me (and you of course) from using cool add ons and libraries found on the Internet to extend our applications, especially using XPages. My latest example is the Jackson library for JSON handling and transfering into HashMaps and vice versa - a very neat thing. But without setting my policy to grant all permissions that won't work due to security exceptions.

So what I like to know is what you think about the strict policy settings and concerns about it when setting them to open up to other third party applications and extensions. Thank you for commenting on that Smile

Latest comments to this post

Jesse Gallagher wrote on 31.03.2014, 22:51

I think you should just grant AllPermission all the time.

 Link to this comment

Leave a comment right here