classpath
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bypassing security manager checks (was: Re: Infinite loop)


From: Gary Benson
Subject: Re: Bypassing security manager checks (was: Re: Infinite loop)
Date: Thu, 17 Nov 2005 13:42:13 +0000

Jeroen Frijters wrote:
> Andrew Haley wrote:
> > Gary Benson writes:
> > > Michael Koch wrote:
> > > > The solution is to use  gnu.classpath.SystemProperties.getProperty(...).
> > > > This does no security check. It is exactly for such issues.
> > > 
> > > Out of interest, what stops user code from calling such things?
> >  
> > Nothing.  That's one of the bugs on the list.
> 
> That's not exactly true. The system class loader does enforce that
> user code cannot access classes in protected packages. It's just
> that we don't have the proper security configuration files in place
> to define the protected packages yet.

You make it sound like an easy fix: is it?
What needs to be done, and where?

Cheers,
Gary




reply via email to

[Prev in Thread] Current Thread [Next in Thread]