|Date:||Mon, 8 Aug 2005 21:14:07 -0700|
Hi,Any opposition to changing the default security policy to gnu.java.security.PolicyFile? The current default policy is all- permissive to all code, which is a pretty bad policy (all code will work without security exceptions, but if something doesn't work because Classpath isn't using privileged actions appropriately, that should be considered a bug; I would rather err on the side of being too strict).
If yes, Classpath should also come with a sensible default java.policy file. Any thoughts about what it should contain? I suppose it should be similar to the default policy that comes with most other Sun JREs, but I don't know if we can just use a copy of that one.
|[Prev in Thread]||Current Thread||[Next in Thread]|