This content has been marked as final. Show 2 replies
If the person who implements the technology knows what he is doing it is safe. If the person in question does not know what he is doing it is unsafe. It is not in any way related to the technology itself.
Other than that, any insecure channel can be made secure, as long as you think out of the box in stead of in code. Example: you can block connections from remote JPDA sessions unless they come through a VPN connection. Then you effectively shut out the entire bad outside world and only allow the select group of people that have access to the VPN.
Are you really sure you need JPDA though? It is basically built to be able to implement debugging services in (Java) development tools such as an IDE.
No, I'm not sur JPDA is the right tool for me.
What I want is to be able to do remote debug on a running application when there's a problem. I use Eclipse as my IDE and by looking on the Internet I found out about JPDA. There is an option for remote debug with Eclipse and it uses JPDA so I decided to try it. It was exaclty was I was looking for and it's a complete supprise to hear that it's not supposed to be used for that.
By the way, I like the idea to limit the socket port to only specific machines. I'll have to do some research on how to do that but that is definitely a solution to my security concerns.