We propose to create the possibility to disable those parts of the agent which can do changes on the monitored platform. This is for preventing possible security issues. See the discussion here: https://community.jboss.org/message/647797#647797 Best regards, Vlad Craciunoiu
per scrum 1/23/2012 crouch, loleary, mfoley
Hi, It seems a good idea to have a "read-only" agent. The proposed solution (to disable the "write" features like Configuration and Provisioning and leave only "read" features like Monitoring) still has an issue: malicious code can be embedded in the monitoring part of the plugins. An idea would be to sign the plugin JAR. The agent will check the signature every time a plugin update is performed. The signature will guarantee that the plugins come only from a trusted source. What do you think about this idea ? Regards, Costel