Java IDE Security Issues

I'm evaluating Java IDE's. My boss wants me to evaluate IDE security issues. I can't think of any issues, or how an IDE can have anything to do with security, but didn't want to sweep it under the rug without asking all of you security experts.
Are there any security concerns when selecting a Java IDE?

Yeah, you confirmed what I already knew I suppose.
Unfortunately, I know nothing if this organization, as
I'm only consulting. The management here INSISTS that
security be addressed, but I think it's out of scope
for Java IDE selection. Thanks!In that context, things like "supports HTTPS and ssh access for remote development" may be exactly what they're looking for. It lets managers say "Yes we considered security in making this purchase, and yes the developers of this tool take security seriously." Doesn't mean that security is ever going to impact the actual use of the product.
Remember that a portion of any management decision goes to insuring you can show a good-faith effort to avoid problems, when/if they happen down the road and someone's looking for a fall guy...
Good luck!
Grant

Similar Messages

  • Java install security issues?

    Should I install Java on my macbook pro (2012 version, non retina)?  I have read there are potential security issues and you should not download it unless you need it.  I was looking for more information and insight, but did not find a whole lot with my searches.  I do not have it installed currently.  I have 1 program that I was going to install that uses it, but I use it infrequently and I have ways around using it.  Thanks in advance.

    Be sure you are not talking about JavaScript which has nothing really to do with Java. The main issue with Java has been security holes that can be exploited to hack into a computer or to plant malware. The current versions of OS X provide anti-malware software built-in to OS X. Since Java exploits more than likely come through your browser, you can disable Java in the browser to keep the computer protected until you must use Java.
    Java SE Runtime Environment 7 1.7.0_21 is the current official Java installer for Mountain Lion. After you install it simply open Safari preferences, click on the Security icon in the toolbar, and uncheck the Java checkbox unless you need to use Java. Or you can leave it enabled. I do and have yet to be bothered with malware.

  • What should I do to limit my exposure to Java 7 security issue?

    I was just reading about the new malware exploiting Java 7 in Windows, Unix systems? SHould I be concerned about this malware in OS X?

    You could always revert to Java 6. Details in
    Java for OS X 2012-006: How to re-enable the Apple-provided Java SE 6 applet plug-in and Web Start functionality.

  • Can not view slidshows or creat a book on Snapfish.  SF IT folks say it's a security issue on my end.  Any ideas?

    Can not view slidshows or creat a book on Snapfish.  SF IT folks say it's a security issue on my end.  Any ideas?

    You will need to contact Snapfish to find out their system requirements and which plugin you need
    - http://support.snapfish.com/app/answers/detail/a_id/669/brand/3

  • Why is Java Deployment Toolkit (click-to-play) blocked, also the referenced bug is closed and there are no security issues known in Version 7 U51?

    I think it is important to block unsecure addons. But if you do so there should be an open bug assigened. The referenced bug for this add-on is allready resolved so I do not know why this plugin is disabled. https://bugzilla.mozilla.org/show_bug.cgi?id=636633
    I have the problem that I want to use Secure_Auth that is using the Java Deployment Kit in such a nasty way (via javascript) that firefox doesn't see that the deployment kit should be started. Therefore I will not be asked to allow this plugin always for this web site. Since there is no documentation available how to do this configuration in a config file I am stuck at the moment.
    I'm a liitle bit suprised that blocking all versions (even secure versions) is a way to get a good user experience.
    Regards
    Martin

    ''MG_DAU wrote:''
    The referenced bug for this add-on is allready resolved so I do not know why this plugin is disabled. https://bugzilla.mozilla.org/show_bug.cgi?id=636633
    That's a bug report in the Blocklisting component, meaning it's a request to add an add-on to the blocklist. The fact that it's marked as fixed means the add-on has been added to the blocklist.
    * https://addons.mozilla.org/firefox/blocked/p428
    * [[Add-ons that cause stability or security issues are put on a blocklist]]
    Given that there's no way to disable Click-to-Play for this plug-in (the only options are Ask to Activate or Never Activate), if Firefox doesn't trigger a Click-to-Play prompt, I see no way to use it apart from disabling the entire blocklist. This carries a considerable security risk, as no plug-ins will be blocked or set to Click-to-Play, including known malware. If you're sure you want to go through with it, set ''extensions.blocklist.enabled'' to '''false''' in [http://kb.mozillazine.org/About:config about:config].

  • HT1338 There is a lot of talk about the Java security issues and the ability to download a patch fix, do i need to do this or will software update pick this up for me?

    There is a lot of talk about the Java security issues and the ability to download an apple patch fix, do i need to do this or will software update pick this up for me?

    Thanks for that, how do I establish if I have Java installed as on Safari preferences it indicates the following
    Web content - Enable Java
                        - Enable JavaScript

  • Security issue with a website and java

    I am having trouble getting Java to work on a website, the message tells me that I have a security issue  but I don't know how to fix it??

    The site may be sending Firefox for Android a page that is not correctly formed.
    We have a feature in Firefox 39 which will allow the request desktop site menu item to show the full desktop site.

  • What to do about the recent Java security issue?

    I am reading about the Java security issue. Do I need to do something with Safari?

    Open Safari preferences, click on the Security icon in the toolbar. Uncheck the Enable Java option.

  • RMI security issue

    Hi, there!
    This is cross-post from "NetWeaver AS, Java" forum.
    I have a security issue when I try to run RMI client code in the web application on the Web AS 2004s. There is
    lookup statement in JSP or servlet code:
    Naming.lookup("//server/RemoteClass")
    which throws
    java.io.AccessControlException: access denied (java.io.FilePermission
    D:\usr\sap\AS1\JC00\j2ee\cluster\server0\apps\sap.com\MyEntApp\servlet_jsp\MyWebApp\work\com\mycompany\packagename\RemoteClassImpl_Stub.class read)
    I have investigated where "java.security.policy" parameter is setup, there has value "./java.policy". This file is
    regenerated each time when web AS is started, thus I created another policy file, granted file permission for
    above path and set it as -Djava.security.policy in server start parameter. It doesn't resolve problem, I have
    investigated this parameter doesn't correlate with real application run-time permissions. Has anybody ideas?
    Thanks
    P.S. This code works fine as a standalone application.

    File Name : policy.txt
    grant     {
         permission java.security.AllPermission;
    };Run ur program as follows:
    java -Djava.security.policy=policy.txt <Java Client >

  • Oracle 9.2 JDBC Security Issue

    I cannot establish an Oracle connection using Oracle 9.2 JDBC in an applet (linking against classes12.zip or classes12.jar).
    An application version of that applet works fine: the connection is established and I can select, insert, call PL/SQL procedures, etc...
    The applet version, however, fails to connect, and raise a Security exception with the following message:
    "java.util.PropertyPermission oracle.jserver.version read".
    Needless to say, the applet and the database are on the same server.
    Also, the security exception is not raised if I link my code against either classes111.zip or classes12.zip from an old Oracle 8.1.6 release: the applet connects OK.
    As I am currently developing an upgrade of this old Oracle 8.1.6 release to Oracle 9.2, I wish I make profit of the improved features found in your new JDBC releases.
    Do you have any idea on how to fix the problem ?
    Note: I am using Oracle 9.2 developer release for MAC OS X, which otherwise works perfectly well for my purposes.
    Thank you

    Hello,
    Can you provide a test case for such behaviour? And the versions of JDK used in those samples ....
    It would be easier if we isolate java 1.5 issues from ojdbc issues.
    Rick B.

  • Jdeveloper WS Proxy client and ADFpage both throwing security issues

    Hello experts, can you please help me. I have web service deployed on weblogic server.
    I have not set any credential for this web service. I can test the service from SOAPUI without providing any credentials.
    Then I generated WS proxy client using Jdeveloper. When I try to run the client, I do not know why I get security execption (shown below) eventhough I have not secured the web service deployed on weblogic server.
    java.lang.SecurityException: keyStoreFilename is either null or empty string
    at weblogic.wsee.security.util.CertUtils.getCertificate(CertUtils.java:87)
    at pilot1.ContactWSPortTypePortClient.getBSTCredentialProvider(ContactWSPortTypePortClient.java:104)
    at pilot1.ContactWSPortTypePortClient.setPortCredentialProviderList(ContactWSPortTypePortClient.java:78)
    at pilot1.ContactWSPortTypePortClient.main(ContactWSPortTypePortClient.java:46)
    Process exited with exit code 0.
    Here is my client class :
    public static void main(String[] args) {
    try {
    contactWSService = new ContactWSService();
    ContactWSPortType contactWSPortType = contactWSService.getContactWSPortTypePort();
    Map<String, Object> requestContext = ((BindingProvider) contactWSPortType).getRequestContext();
    setPortCredentialProviderList(requestContext);
    // Add your code to call the desired methods.
    // QueryPageInputSecondPage qpisp= new QueryPageInputSecondPage(); //I have commented it in order to resolve security issue
    System.out.println("Inside the client class");
    } catch (Exception ex) {
    ex.printStackTrace();
    Inside the method setPortCredentialProviderList(), I have not provided any credentials, keystores etc. Because weblogic is not setup with SSL and also I have not set up any authorization or authentication for the web service. I do not know why I am able to test it through SOAPUI and why not using WS proxy.
    I also tried to invoke the web service from ADF page by creating data contorl. I did not provide any policy details because there is not security enabled for the web service on weblogic server. Even when I run the ADF application, I get below security error :
    <Error while invoking endpoint "http://10.1.1.59:7010/ContactWSWebSvc/ContactWSPortTypePort" from client; Security Subject: anonymous>
    ####<Jul 9, 2012 10:02:31 AM EDT> <Error> <oracle.adf.model.connection.webservice> <dmnov23-HP> <DefaultServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <a7d8487bcbe16046:-44aec1c2:1386c02f9ac:-8000-000000000000007f> <1341842551474> <BEA-000000> <Failed to execute a SAAJ interaction.
    javax.xml.ws.soap.SOAPFaultException: java.lang.NullPointerException
    at oracle.j2ee.ws.client.jaxws.DispatchImpl.throwJAXWSSoapFaultException(DispatchImpl.java:1024)
    at oracle.j2ee.ws.client.jaxws.DispatchImpl.invoke(DispatchImpl.java:808)
    at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.synchronousInvocationWithRetry(OracleDispatchImpl.java:235)
    Appreciate your quick response.
    thanks a lot
    jyothi
    Edited by: Jyothi on Jul 9, 2012 2:45 PM
    Edited by: Jyothi on Jul 9, 2012 2:48 PM

    Also, I do not know why the Jdev classpath is set with lot of jar files. May be that is how the Jdeveloper is setup when we install since it has to support lot of applications. I am really shocked to see this.
    When I run the WS proxy client (java client) for this webservice from Jdeveloper, it is finally throwing java.lang.SecurityException: keyStoreFilename is either null or empty string error. As I mentioned earlier, I did not provide any credentials or keysotre details inside setPortCredentialProviderList(). I am totally confused why Jdeveloper is behaving like this for unsecured web service.
    C:\Program Files\Java\jdk1.6.0_31\bin\javaw.exe" -server -classpath C:\JDeveloper\mywork\Application2\.adf;C:\JDeveloper\mywork\Application2\Pilot1\classes;C:\fmu\oracle_common\modules\oracle.jsf_1.2.9\glassfish.jsf_1.0.0.0_1-2-15.jar;C:\fmu\oracle_common\modules\oracle.jsf_1.2.9\glassfish.jstl_1.2.0.1.jar;C:\fmu\oracle_common\modules\oracle.jsf_1.2.9\javax.jsf_1.1.0.0_1-2.jar;C:\fmu\oracle_common\modules\oracle.jsf_1.2.9\wls.jsf.di.jar;C:\fmu\oracle_common\modules\oracle.idm_11.1.1\identitystore.jar;C:\fmu\oracle_common\modules\oracle.adf.model_11.1.1\adfm.jar;C:\fmu\oracle_common\modules\groovy-all-1.6.3.jar;C:\fmu\oracle_common\modules\oracle.adf.model_11.1.1\adftransactionsdt.jar;C:\fmu\oracle_common\modules\oracle.adf.view_11.1.1\adf-dt-at-rt.jar;C:\fmu\oracle_common\modules\oracle.adf.model_11.1.1\adfdt_common.jar;C:\fmu\oracle_common\modules\oracle.adf.model_11.1.1\adflibrary.jar;C:\fmu\oracle_common\modules\oracle.xdk_11.1.0\xmlparserv2.jar;C:\fmu\oracle_common\modules\oracle.adf.model_11.1.1\db-ca.jar;C:\fmu\oracle_common\modules\oracle.adf.model_11.1.1\jdev-cm.jar;C:\fmu\oracle_common\modules\oracle.ldap_11.1.1\ojmisc.jar;C:\fmu\oracle_common\modules\oracle.adf.share_11.1.1\commons-el.jar;C:\fmu\oracle_common\modules\oracle.adf.share_11.1.1\jsp-el-api.jar;C:\fmu\oracle_common\modules\oracle.adf.share_11.1.1\oracle-el.jar;C:\fmu\oracle_common\modules\oracle.adf.security_11.1.1\adf-share-security.jar;C:\fmu\oracle_common\modules\oracle.adf.security_11.1.1\adf-controller-security.jar;C:\fmu\modules\javax.activation_1.1.0.0_1-1.jar;C:\fmu\oracle_common\modules\oracle.adf.share_11.1.1\adf-share-support.jar;C:\fmu\oracle_common\modules\oracle.adf.share.ca_11.1.1\adf-share-ca.jar;C:\fmu\oracle_common\modules\oracle.adf.share.ca_11.1.1\adf-share-base.jar;C:\fmu\oracle_common\modules\oracle.adf.share_11.1.1\adflogginghandler.jar;C:\fmu\oracle_common\modules\oracle.adf.share_11.1.1\adfsharembean.jar;C:\fmu\oracle_common\modules\oracle.jmx_11.1.1\jmxframework.jar;C:\fmu\oracle_common\modules\oracle.jmx_11.1.1\jmxspi.jar;C:\fmu\oracle_common\modules\oracle.adf.model_11.1.1\bc4j-mbeans.jar;C:\fmu\oracle_common\modules\oracle.adf.model_11.1.1\bc4jwizard.jar;C:\fmu\oracle_common\modules\oracle.javatools_11.1.1\resourcebundle.jar;C:\fmu\modules\javax.mail_1.1.0.0_1-4-1.jar;C:\fmu\oracle_common\modules\oracle.ldap_11.1.1\ldapjclnt11.jar;C:\fmu\oracle_common\modules\oracle.jps_11.1.1\jps-api.jar;C:\fmu\oracle_common\modules\oracle.jps_11.1.1\jps-common.jar;C:\fmu\oracle_common\modules\oracle.jps_11.1.1\jps-ee.jar;C:\fmu\oracle_common\modules\oracle.jps_11.1.1\jps-internal.jar;C:\fmu\oracle_common\modules\oracle.jps_11.1.1\jps-unsupported-api.jar;C:\fmu\oracle_common\modules\oracle.jps_11.1.1\jps-manifest.jar;C:\fmu\oracle_common\modules\oracle.jps_11.1.1\jacc-spi.jar;C:\fmu\oracle_common\modules\oracle.pki_11.1.1\oraclepki.jar;C:\fmu\oracle_common\modules\oracle.osdt_11.1.1\osdt_core.jar;C:\fmu\oracle_common\modules\oracle.osdt_11.1.1\osdt_cert.jar;C:\fmu\oracle_common\modules\oracle.osdt_11.1.1\osdt_xmlsec.jar;C:\fmu\oracle_common\modules\oracle.osdt_11.1.1\osdt_ws_sx.jar;C:\fmu\oracle_common\modules\oracle.iau_11.1.1\fmw_audit.jar;C:\fmu\modules\javax.security.jacc_1.0.0.0_1-1.jar;C:\fmu\oracle_common\modules\oracle.jdbc_11.1.1\ojdbc6dms.jar;C:\fmu\jdeveloper\BC4J\jlib\bc4jtester.jar;C:\fmu\oracle_common\modules\oracle.adf.model_11.1.1\adfm-debugger.jar;C:\fmu\oracle_common\modules\oracle.adf.model_11.1.1\regexp.jar;C:\fmu\oracle_common\modules\oracle.help_5.0\ohj.jar;C:\fmu\oracle_common\modules\oracle.help_5.0\help-share.jar;C:\fmu\oracle_common\modules\oracle.bali.share_11.1.1\share.jar;C:\fmu\jdeveloper\jlib\jewt4.jar;C:\fmu\oracle_common\modules\oracle.help_5.0\oracle_ice.jar;C:\fmu\jdeveloper\ide\lib\idert.jar;C:\fmu\jdeveloper\ide\lib\javatools.jar;C:\fmu\wlserver_10.3\server\lib\weblogic.jar;C:\fmu\oracle_common\modules\oracle.mds_11.1.1\mdsrt.jar;C:\fmu\oracle_common\modules\oracle.mds_11.1.1\oramds.jar;C:\fmu\modules\javax.servlet_1.0.0.0_2-5.jar;C:\fmu\modules\javax.jsp_1.2.0.0_2-1.jar;C:\fmu\jdeveloper\ide\macros\..\..\..\wlserver_10.3\server\lib\ojdbc6.jar;C:\fmu\oracle_common\jlib\commons-cli-1.0.jar;C:\fmu\oracle_common\modules\oracle.xmlef_11.1.1\xmlef.jar;C:\fmu\oracle_common\modules\oracle.dms_11.1.1\dms.jar;C:\fmu\oracle_common\modules\oracle.xdk_11.1.0\xml.jar;C:\fmu\oracle_common\modules\oracle.javacache_11.1.1\cache.jar;C:\fmu\oracle_common\modules\oracle.ucp_11.1.0.jar;C:\fmu\oracle_common\modules\oracle.odl_11.1.1\ojdl.jar;C:\fmu\oracle_common\modules\oracle.javatools_11.1.1\javatools-nodeps.jar;C:\fmu\modules\javax.management_1.2.1.jar;C:\fmu\modules\javax.management.j2ee_1.0.jar;C:\fmu\jdeveloper\ide\macros\..\..\..\oracle_common\modules\oracle.nlsrtl_11.1.0\orai18n.jar;C:\fmu\modules\glassfish.el_1.0.0.0_2-1.jar;C:\fmu\oracle_common\modules\oracle.jrf_11.1.1\jrf.jar;C:\fmu\modules\com.oracle.toplink_1.0.0.0_11-1-1-5-0.jar;C:\fmu\modules\org.eclipse.persistence_1.1.0.0_2-1.jar;C:\fmu\modules\com.bea.core.antlr.runtime_2.7.7.jar;C:\fmu\oracle_common\modules\oracle.toplink_11.1.1\javax.persistence_2.0_preview.jar;C:\fmu\modules\com.bea.core.apache.xercesImpl_2.8.1.jar;C:\fmu\modules\glassfish.jaxb_1.0.0.0_2-1-12.jar;C:\fmu\modules\javax.xml.bind_2.1.1.jar -Djavax.net.ssl.trustStore=C:\fmu\wlserver_10.3\server\lib\DemoTrust.jks pilot1.ContactWSPortTypePortClient
    java.lang.SecurityException: keyStoreFilename is either null or empty string
         at weblogic.wsee.security.util.CertUtils.getCertificate(CertUtils.java:87)
         at pilot1.ContactWSPortTypePortClient.getBSTCredentialProvider(ContactWSPortTypePortClient.java:104)
         at pilot1.ContactWSPortTypePortClient.setPortCredentialProviderList(ContactWSPortTypePortClient.java:78)
         at pilot1.ContactWSPortTypePortClient.main(ContactWSPortTypePortClient.java:46)
    Process exited with exit code 0.

  • Thread security issues

    I have been trying to use threads in coding, but even a simple thread program from the java.sun.com seems to generate an error. I get an error like
    java.lang.NoClassDefFoundError: SlideShow/SlideShow (wrong name: SlideShow)
    at java.lang.ClassLoader.defineClass0(Native Method)
    at java.lang.ClassLoader.defineClass(ClassLoader.java:539)
    at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:123)
    at sun.applet.AppletClassLoader.findClass(AppletClassLoader.java:157)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:289)
    at sun.applet.AppletClassLoader.loadClass(AppletClassLoader.java:123)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:235)
    at sun.applet.AppletClassLoader.loadCode(AppletClassLoader.java:561)
    at sun.applet.AppletPanel.createApplet(AppletPanel.java:617)
    at sun.applet.AppletPanel.runLoader(AppletPanel.java:546)
    at sun.applet.AppletPanel.run(AppletPanel.java:298)
    at java.lang.Thread.run(Thread.java:534)
    for any thread program I put in my IDE
    I feel if I could solve this security issue, I could get around to use threads in the program I am working on.
    I am using NetBeans v 4.0 IDE .
    Thanks a lot in advance,
    Sathy

    it's a class not found error, not a security error. If in a jar, make sure your class files are in the correct folders to match the package order. If not in a jar, make sure your classpath points at the location of the class files

  • Other web browsers and security issues?

    Since even an Apple KB article recognizes the need for an additional browser and because of Safari's limitations and problems, I'm going to try switching to another browser (most likely OmniWeb and am looking at Firefox, Shira and Opera also though perhaps not as a primary browser) but I'm wondering about their ability to keep on top of any security issues for Mac? (and how do you keep up with security updates?)
    Though perhaps unfounded, at least with Safari, I feel that Apple has a vested interest in keeping on top of security issues (for Safari and Java) and I can readily find out about security updates via software updater.

    Most of the other Mac browsers have their adherents. They are all good browsers (I have 7 browsers installed to test various web sites and for change-of-pace usage). They all have their strengths and they all have their weaknesses. Only iCab and OmniWeb are still shareware, the rest are now or always have been free (Opera just recently stopped charging for its browser).
    I have settled on Firefox as my alternate browser and I use it maybe just a tad more than Safari, but I do switch back and forth between them. The Mozilla foundation is good at getting security updates out when needed. Firefox has a button on the toolbar to check for updates. One nice thing about Firefox is that you can install free extensions which enhance the features available. I have one to supplement tab features, one to control iTunes from Firefox's status bar, one to help me format messages in discussion forums, and one to block ads.
    I prefer OmniWeb for doing intensive research because of the way it handles tabs in its sidebar, showing me which ones I've looked at and which ones I haven't, and giving me great flexibility in rearranging tabs, which are viewable as thumbnails or text names (I have had up to a hundred or so tabs open in OmniWeb.
    Shiira is good and its fast. I have not checked for updates for a while, but the last time I updated there was still a problem with Shiira kicking you out of logged-in sites when you moved from page to page with in web site. This may have been fixed by now - they were aware of the problem back then.
    Camino is a native OS X cousin of Firefox and is also fast, but is not updated as often.
    I would stay away from Mozilla or Netscape unless you need all the additional modules they have and which take up hard disk space. Firefox and Camino represent the browser module of Mozilla/Netscape. Mozilla and Netscape have modules for email, irc chat, newsgroups, and for creating and editing web pages. Netscape is a branded and slightly customized version of Mozilla and is not updated as often.
    Opera is a nice browser and some use it as their main browser, but I have not seen anything that really stands out for me, but that does not mean it is not worth a look.
    I would stay away from abandonware Internet Explorer.
    As for checking for updates, several of them, as with many Mac programs, now have a menu item that allows you to check for updates. Most of them also announce their updates on both VersionTracker and MacUpdate.
    Happy Exploring.

  • Using latest version of fireFox to access Think Central, pages will not load and they say that this is a security issue with FireFox?

    Teachers in our district are supposed to use www.thinkcentral.com with FireFox.
    Some have no problem accessing the lesson plans.
    Most when they login click on a lesson plan and an icon shows up that says loading but never does.
    If you reboot the computer and login you can open a page once but not a second time and no other lessons will open.
    Think Central support says this is a security issue with Firefox.
    I have updated FireFox, all the Adobe, Reader, Flash, Air and Shockwave. As well as Java.
    I have allowed the pop ups to the think Central web site.
    Any help would be appreciated

    Are there any notification icons on the left end of the address bar? If so, please click them to see whether they related to security issues (such as blocked content - shield icon: [[How does content that isn't secure affect my safety?]]) or a plugin requiring permission (Lego-like icon).
    Does Think Central have any help pages about this issue? Without an account, it is difficult to explore the issue first-hand.

  • About "kernel.exec-shield" and "because they will bring security issue" for linux ASE

    In " ASE Quick Installation Guide for Linux", "kernel.exec-shield=0" and  “kernel.randomaize-va-space=0” should be set.
    But SuSE engineers say that  “kernel.exec-shield=0”and “kernel.randomaize-va-space=0” will bring the OS security issue.
    Customer want to know why ASE need the above parameters ?
    Has anybody the idea for customer's question?

    If the parameters are not set as documented, attempts to start additional engines beyond the first one will fail, generating stack traces.
    ASE acts in many ways like it's own operating system, scheduling individual user connections (spids) to actively run (note that ASE was developed well before native threading was commonly available).  Each spid has it's own stack information that gets swapped in when it is set to "running" state on the engine and swapped out when it yields the engine.  The mechanics of this is not that different from the buffer overrun exploits described in the Red Hat document linked to by the
    install guide, http://www.redhat.com/f/pdf/rhel/WHP0006US_Execshield.pdf
    and the exec-shield mechanics definatately interfere ASE's operations when ASE is using multiple dataserver processes (engines) that swap spids around.
    -bret

Maybe you are looking for

  • Hp laserjet 100 color mfp m175nw won't scan in mac os 10.6.8

    Can anyone help? This is supposed to be a multifunction printer / scanner / copier.  When I open up the printer via System Preferences, I don't see an option to scan.

  • Configuring a printer to a new router

    I just recently got a new router supplied through my service provider. I have a wireless HP Deskjet3050A printer. and since getting the new router i cant print. It says that everything is good and ready to print but it doesnt do anything when I click

  • Problem with BFILE closure

    I have a problem with a pending session (Oracle 8.1.7, Windows 2000). The active process is waiting for a BFILE to close (BFILE closure). It has been waiting > 7000 secs. The file to read is a simple csv-file with 10 lines. I'm using the widely sprea

  • BAdI /SAPAPO/DM_PO_MNTN - CT_ORDKEY is not populated with the order data for PO Memo

    Dear All, I have done enhancement in the ERP system by adding the customer specific field ZZ_RESWK in structure CIFPUORCUS. This field is filled in the ERP user exit EXIT_SAPLMEAP_001, for the Purchase order (category BF & BG) and PO Memo (Category A

  • Failure while scheduling publications with CR in BO XI3.1

    We have installed BO XI3.1 on windows server 2003 R2 SP2, with weblogic 9.2 application server and have configure to SSO for windows AD users. While scheduling publications it throws up the following error, however this error is not consistent, it ha