Get product advice from experts

Ask a question →

Join a community group

Find a group →

Advance your career with learning paths

Take a free class →

Earn badges and rewards

Connect and share ideas at events

See the calendar →

Community
Products
Jira Software
Questions
Is the same java byte code injection used for Instrumentation feature of JIRA?

Is the same java byte code injection used for Instrumentation feature of JIRA?

Documenatation provided regrading Server Instrumenation is not complete. We are using JIRA in our production. Is their is any risk in using byte code injected code in production.

1 answer

1 accepted

0 votes

Answer accepted

If you mean you're altering core functionality by injecting classes into a production instance, then absolutely, yes, you're exposing yourself to instability, performance and security issues by injecting byte code.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Then why JIRA team includes this feature in their product. Then with out this instrumentation, how they achieve the Server Instrumentation Feature.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

And they accept the risks, and they know what they wrote.

By the way, most people won't know what you're talking about here, and I'm not qualified to talk about a lot of it (my objection to it is generalised and learned the hard way - seeing it done in a trading system which then misplaced millions of dollars and no-one could unravel quite why)

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Hi Nic Brough,

Thank you very much for your response. If my question is out of the context,pls forgive. Let me ask one more doubt. Can we use Dynamic Byte Code Instrumentation not for achieving core functionality. Say for example, Logging, Profiling etc. So that injection is done only when it required and retransform it to previous state after the use. But all these things should be done in production environment.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Yes, subject to the caveats above - get DBI wrong, even for basic profiling, and you can kill your service.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Reply

Suggest an answer

Log in or Sign up to answer

Was this helpful?

Thanks!

TAGS

Community showcase