Thread

[ home | FAQ | about | stats | new post | login | register | tags ]
Do you want to spoil my kids? Here is my Amazon wishlist

Inline-Java [search.cpan.org] [Kobes search] [View and report bugs] [Ratings 5.0 (4) ]
[AnnoCPAN] [CPAN Tests results] [CPANTS]
Posted on Thu Jan 5 20:31:23 2006 by artemgr
Restricting InlineJavaServer to 127.0.0.1
We needed to execure Perl programs from an already established Java environment (CMS engine).
InlineJavaPerlInterpreter wasn't suitable, as it seems to require the JNI setup, and its portability is under a big question, at least it is much harder to automate.
I've automated the Inline::Java installation from CPAN (so that we can deploy our application and its Perl part "just runs" anywhere where Perl is installed; here is how I did it, in case anybody is interested: http://bizlink.ru/public/perl/install.pl).
Then i've started the InlineJavaServer manually, from a separate thread, in the shared mode. Cudos to the Inline::Java developers, everything seems to work as expected: we can execute Perl programs from Java and they can access anything from inside our Java VM using static method invocations on STUDY-ed classes.

I want to restrict that "backdoor" to our JVM to be accessible only from the lo (127.0.0.1) interface. Of course i can (usually) use a firewall for that, but it still would be fine to have a "host" argument in the InlineJavaServer constructor. Like that:

public InlineJavaServer(int debug, String _host, int _port, boolean _shared_jvm, boolean _priv){ ... host = _host; ... if (host == null || host.length() == 0) server_socket = new ServerSocket(port) ; else server_socket = new ServerSocket(port, 0, InetAddress.getByName(host)) ;
Direct Responses: 2095 | Write a response
Posted on Mon Apr 3 16:59:29 2006 by patl in response to 1586
Re: Restricting InlineJavaServer to 127.0.0.1
Starting with the next version, a bind to 'localhost' will be the default for security reasons. A BIND option will be provided to allow binding to specific or all (0.0.0.0) addresses.
Write a response
[ home | FAQ | about | stats | new post | login | register | tags ]
Do you want to spoil my kids? Here is my Amazon wishlist
Service launched on 2nd of February 2005.
Comments, and other submissions on CPAN Forum are Copyright 2005-2007, their respective owners.
Site maintainer is not responsible for content. Privacy Policy
Maintained and hosted by Gabor Szabo at Perl Training Israel
See also World Wide Perl Training