classpath

RE: gnu.java.nio.FileChannelImpl


From: Jeroen Frijters
Subject: RE: gnu.java.nio.FileChannelImpl
Date: Fri, 26 Nov 2004 10:38:19 +0100

Michael Koch wrote:
> Did I say I don't like it?

That's the impression I got when we first discussed this.

> I read some interesting paper from Marc Schoenefeld lately about how 
> he exploited bugs in Sun's JDK. He has written some tool that uses 
> reflection to test public constructors and methods in sun.* packages. 

That doesn't make sense. Untrusted code is not allowed access to the
sun.* packages (unless you're running on Opera, which apparently had a
bug), so there is no point.

> We should really make this impossible. Limiting access to some 
> packages in gnu.* namespace (not all) is a good idea. E.g. 
> gnu.java.nio.* should be restricted, gnu.regexp.* not.

Right. We can disallow gnu.* and then selectively allow some packages.

> This restriction should allow access from java.io, java.nio,
> java.lang, java.net, etc. but not from non-standard packages like
> java.foobar.
> And we have to somehow make sure malicious code can not introduce 
> classes into the standard packages.

That isn't how it works. It's class loader based, all code loaded by the
bootstrap class loader will have access to the gnu.* packages.

Regards,
Jeroen
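
The rule described in the message above (restrict gnu.*, selectively allow some packages, and decide by the caller's class loader rather than by its package name), as an added Java example that is not part of the original message and is not GNU Classpath's code. The class `PackageAccessModel`, the method `mayAccess`, the two policy lists and the name `gnutella.Peer` are hypothetical.

```java
import java.util.List;

public class PackageAccessModel {
    // Hypothetical policy: restrict gnu.*, then re-open selected packages.
    // Trailing dots keep "gnu." from matching an unrelated package like "gnutella".
    static final List<String> RESTRICTED = List.of("gnu.");
    static final List<String> ALLOWED = List.of("gnu.regexp.");

    /** True if code defined by callerLoader may use the class named targetClass. */
    static boolean mayAccess(ClassLoader callerLoader, String targetClass) {
        // Class.getClassLoader() returns null for bootstrap-loaded classes.
        // The decision keys on the loader, never on the caller's package name.
        if (callerLoader == null) {
            return true;
        }
        // Package name with a trailing dot, e.g. "gnu.java.nio."
        String pkg = targetClass.substring(0, targetClass.lastIndexOf('.') + 1);
        for (String prefix : ALLOWED) {
            if (pkg.startsWith(prefix)) {
                return true;
            }
        }
        for (String prefix : RESTRICTED) {
            if (pkg.startsWith(prefix)) {
                return false;
            }
        }
        return true; // not a restricted package at all
    }

    public static void main(String[] args) {
        ClassLoader boot = String.class.getClassLoader();             // bootstrap (null)
        ClassLoader app = PackageAccessModel.class.getClassLoader();  // non-bootstrap
        String[] targets = {
            "gnu.java.nio.FileChannelImpl", // restricted
            "gnu.regexp.RE",                // selectively allowed
            "gnutella.Peer",                // constructed name, only looks like gnu.*
            "java.lang.String"              // unrestricted
        };
        for (String t : targets) {
            System.out.printf("%-30s bootstrap=%-5b other=%b%n",
                    t, mayAccess(boot, t), mayAccess(app, t));
        }
    }
}
```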



