>>>>> "Jeroen" == Jeroen Frijters <[EMAIL PROTECTED]> writes:

Jeroen> Another interesting trick with the finalizer is creating
Jeroen> instances of classes that have a private constructor! The
Jeroen> attached runtime.j creates an instance of (a subclass of)
Jeroen> java.lang.Runtime.

Interesting test case.

With gij this prints `null', but that's probably because the GC and
finalization don't actually occur.

Jeroen> It could be considered a bug in Sun's verifier that it allows
Jeroen> a class without a constructor. What do the other VMs do with
Jeroen> this code?

Both Sun 1.4 and IBM 1.3 print a non-null `runtime' object.

Have you read this?

http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf

It seems like your technique could also be used to circumvent the
security check in the ClassLoader constructor.


I wonder what Sun has to say about this.

Tom


_______________________________________________
Classpath mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/classpath
