[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: RFC: gnu.classpath.SystemProperties
|
From: |
Jeroen Frijters |
|
Subject: |
RE: RFC: gnu.classpath.SystemProperties |
|
Date: |
Mon, 6 Dec 2004 22:10:03 +0100 |
Mark Wielaard wrote:
> On Mon, 2004-12-06 at 13:40, Jeroen Frijters wrote:
> > If nobody objects, this is going in later today.
>
> I am a bit uneasy with this patch since it is not completely
> clear to me how the VM is supposed to restrict access to the
> SystemProperties class.
> It is a tricky interaction between the
> SecurityManager.checkPackageAccess() and the way runtimes implement
> method invocation on classes in different packages.
>
> Could you describe how this precisely works?
All untrusted classes are loaded by the system class loader (or some
other trusted class loader that will be responsible for calling
SecurityManager.checkPackageAccess()). If an untrusted class refers to a
class in one of the gnu.* packages, the VM will attempt to load the
class through the defining class loader of the untrusted class (e.g. the
system class loader) and that class loader will make sure that the class
won't be able to load those restricted classes.
> Then we could see how hard/easy it is for the different runtimes to
> actually make this work.
It doesn't require any work from the runtime (as long as they use
Classpath's system class loader).
Regards,
Jeroen
- Re: RFC: gnu.classpath.SystemProperties, (continued)
- Re: RFC: gnu.classpath.SystemProperties, Michael Koch, 2004/12/02
- RE: RFC: gnu.classpath.SystemProperties, Jeroen Frijters, 2004/12/02
- RE: RFC: gnu.classpath.SystemProperties, Jeroen Frijters, 2004/12/06
- RE: RFC: gnu.classpath.SystemProperties, Jeroen Frijters, 2004/12/06
- RE: RFC: gnu.classpath.SystemProperties, Jeroen Frijters, 2004/12/06
- RE: RFC: gnu.classpath.SystemProperties,
Jeroen Frijters <=