HPjmeter 4.3 User's Guide
IMPORTANT: Setting access for owner or group should not be considered a security solution
because node agent to JVM communications are not secured by default—see below.
Securing Communication Between the JVM and the HPjmeter Node Agent
IMPORTANT: The data stream between the JVM and the node agent is not protected from
tampering by a user logged into the system running the JVM. For key applications in production,
you may want to increase your confidence that the data has not been tampered with en route
between the JVM and agent before you take action based on HPjmeter metrics.
Where you deem it necessary, either secure the communication mechanism between the JVM and
node agent (HP-UX 11i v2 or later only), or confirm that the HPjmeter data looks reasonable
according to the usual behavior of your application by independently validating its output.
To secure the communication mechanism between the JVM and node agent on HP-UX 11i v2 or
later operating systems, set the umask of the JVM process to 77 (no access except for the owner)
by executing the command
% umask 77
before running the JVM.
Related Topics
• Managing Node Agents On HP-UX (page 47)
• Node Agent Access Restrictions (page 48)
• Connecting to the HPjmeter Node Agent (page 222)
Security Awareness 33