Documenatation provided regrading Server Instrumenation is not complete. We are using JIRA in our production. Is their is any risk in using byte code injected code in production.
If you mean you're altering core functionality by injecting classes into a production instance, then absolutely, yes, you're exposing yourself to instability, performance and security issues by injecting byte code.
Then why JIRA team includes this feature in their product. Then with out this instrumentation, how they achieve the Server Instrumentation Feature.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
And they accept the risks, and they know what they wrote.
By the way, most people won't know what you're talking about here, and I'm not qualified to talk about a lot of it (my objection to it is generalised and learned the hard way - seeing it done in a trading system which then misplaced millions of dollars and no-one could unravel quite why)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Nic Brough,
Thank you very much for your response. If my question is out of the context,pls forgive. Let me ask one more doubt. Can we use Dynamic Byte Code Instrumentation not for achieving core functionality. Say for example, Logging, Profiling etc. So that injection is done only when it required and retransform it to previous state after the use. But all these things should be done in production environment.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes, subject to the caveats above - get DBI wrong, even for basic profiling, and you can kill your service.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.