<<< Date Index >>>     <<< Thread Index >>>

Re: JBOSS 3.2.2-3.2.7 / 4.0.2 installation path disclosure / config disclosure / version fingerprinting



You did not understand the suggested DownloadServerClasses change as this does 
not completely disable rmi class laoding. It simply restricts it to the 
classes/resources associated with ejb deployments as opposed to the complete 
server codebase. Removal of the dynamic class loading service still is a viable 
workaround as the need for dynamic class loading is something rarely used in 
production.