I’m writing a client-server solution which is using Java RMI (Via the Cajo project).
I want to make the server as secure as possible. I understand that by using Java reflection, a malicious client would be able to view all method names and field names inside any given object which has either been bound in the RMI regestry or “proxied” from the server (In Cajo, a proxied item is an object who actually resides on the server but the client can reference it). However, would a malicious client be able to view any program logic, or modify any code on the server? Or what about viewing the actual contents of the fields?
Please assume that physical access to the server is not allowed and the only network access to the server is via the Cajo TCP port (1198).
Thanks
RMI is based on proxy objects and serialisation.
Proxy objects: these only contains methods specified in an interface, all other methods and fields of the original Object do not exist within the proxy and can’t be accessed via reflection. No attacks are possible since all methods are already public in the interface.
Serialised objects: are one on one copies of the server side values, all methods and fields can be accessed on the client, but changes to the client copy are not forwarded to the server since both copies are independent. An object with modified fields can still be used as argument of an RMI method, so validate your input on the server.