docker-minecraft-server icon indicating copy to clipboard operation
docker-minecraft-server copied to clipboard

Published 20 hours ago verified publisher icon itzg

Automatic installation of Serialization Is Bad

Open Steveplays28 opened this issue 2 years ago • 1 comments

Enhancement Type

Improve an existing feature

Describe the enhancement

Serialization Is Bad is attached to the JVM as a Java Agent, set via JVM arguments. It'd be nice to add this as an option for older servers, and generally for security purposes, as there might still be mods with this vulnerability, even on modern Minecraft versions.

Steveplays28 avatar Aug 19 '23 12:08 Steveplays28

Thanks for pointing that out. Since all of the options are in place to allow applying this, I'm thinking of starting out with a new documentation page where security/vulnerabilities like this and https://github.com/itzg/docker-minecraft-server/blob/master/docs/misc/log4j.md can be gathered.

itzg avatar Aug 19 '23 14:08 itzg