classpath

Re: question about serialization


From: Bryce McKinlay
Subject: Re: question about serialization
Date: Tue, 5 Aug 2003 11:43:30 +1200

On Monday, Aug 4, 2003, at 21:33 Pacific/Auckland, Chris Gray wrote:

> No. The security context of a given method invocation is the set of classes
> "on the stack" at the time of the invocation, and the resulting set of
> privileges is the intersection of the privileges of all those classes. So if
> com.acme.FooApp has permission to read all files, and com.ibm.KoolThing has
> read/write access to the user's directory only, when FooApp calls a method of
> KoolThing the latter just gets read access to the user's files.

You're right - thanks for clearing that up. Looks like there is still quite a bit of work to do to implement the security model!

The performance implications of all this are also rather concerning - walking up the stack is going to be fairly slow. But I presume that for normal applications where security is not required (i.e. System.getSecurityManager()), such checks are avoided?

Regards

Bryce.
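
The intersection rule from the quoted reply, as an added example that is not part of the original thread and is not Classpath code. It is a simplified model of stack inspection rather than the java.security API; the `Frame` class, the permission strings such as `read:user`, and the split of "all files" into user and system locations are assumptions made for illustration.

```java
import java.util.ArrayDeque;
import java.util.Arrays;
import java.util.Deque;
import java.util.Set;
import java.util.TreeSet;

// Simplified model of stack inspection; not the java.security API.
public class StackInspectionDemo {
    // One stack frame: the executing class and the permissions granted to it.
    static final class Frame {
        final String className;
        final Set<String> granted;
        Frame(String className, String... granted) {
            this.className = className;
            this.granted = new TreeSet<>(Arrays.asList(granted));
        }
    }

    // Effective privileges: intersection of the grants of every class on the stack.
    static Set<String> effective(Deque<Frame> stack) {
        Set<String> result = null;
        for (Frame f : stack) {
            if (result == null) result = new TreeSet<>(f.granted);
            else result.retainAll(f.granted);
        }
        return result == null ? new TreeSet<>() : result;
    }

    // Walk from the most recent frame outward; any frame lacking the permission denies.
    static void check(Deque<Frame> stack, String perm) {
        for (Frame f : stack) {
            if (!f.granted.contains(perm)) {
                throw new SecurityException(f.className + " lacks " + perm);
            }
        }
    }

    public static void main(String[] args) {
        // Constructed grants: "all files" is modelled as two locations, user and system.
        Deque<Frame> stack = new ArrayDeque<>();
        stack.push(new Frame("com.acme.FooApp", "read:user", "read:system"));
        stack.push(new Frame("com.ibm.KoolThing", "read:user", "write:user")); // callee on top
        System.out.println("effective = " + effective(stack));
        for (String perm : new String[] {"read:user", "write:user", "read:system"}) {
            try {
                check(stack, perm);
                System.out.println(perm + " -> allowed");
            } catch (SecurityException e) {
                System.out.println(perm + " -> denied: " + e.getMessage());
            }
        }
    }
}
```

The write request is denied because of the caller's frame and the system read because of the callee's frame, so neither class can lend the other a privilege it lacks.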




