classpath
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SecurityManager troubles


From: David Lichteblau
Subject: Re: SecurityManager troubles
Date: Fri, 13 Jan 2006 13:04:07 +0100
User-agent: Mutt/1.5.8i

Quoting Jeroen Frijters (address@hidden):
> > FWIW, last time I had problems similar to the one being 
> > discussed it was because classpath's default application classloader
> > calls checkPackageAccess() before giving the bootstrap classloader 
> > a chance to load the class, instead of the other way around.
> The check is correct. It's intent is to disallow application classes
> from referencing internal (but public) GNU Classpath classes.

Well, I was just thinking that reversing the order things are done could
be helpful.  If the class is first loaded by the parent class loader,
then the check performed before it is returned, the application class
loader would still be prohibited from actually accessing it if access is
denied, but the SecurityManager itself would get a chance at accessing
the class it needs in case access to the package is actually allowed.

However, I was wrong.  A testcase confirms that Sun does it in the
obvious order by checking first and trying to load only afterwards.

Thanks for setting me straight on that.


d.




reply via email to

[Prev in Thread] Current Thread [Next in Thread]