David Holmes wrote:
> And while I'd like to help with the general problem I frankly 
> don't have the time available to do so - sorry.

No problem. I'll try to cook up a proposal this week and hopefully you
can review it to see if it helps you or not.

> > Whenever code tries to access a package and a security manager is
> > installed, SecurityManager.checkPackageAccess() is called, so all we
> > need to do is add the gnu.classpath package to the package.access
> > system property.
> 
> Isn't that test in reflection only?

No, it's in the (system) class loader (or it is supposed to be,
Classpath doesn't yet have it). Try this on the Sun JVM:

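public class test extends java.lang.SecurityManager
{
  public static void main(String[] args) throws Exception
  {
    // Install this class as the security manager, then touch a class
    // from java.util.
    System.setSecurityManager(new test());
    new java.util.Vector();
  }

  // Allow every file read; only package access is being tested here.
  public void checkRead(String file) {}

  // Reject java.util; every other package gets the default check.
  public void checkPackageAccess(String pkg)
  {
    if (pkg.equals("java.util")) throw new SecurityException();
    super.checkPackageAccess(pkg);
  }
}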

Here is an interesting link I found:
http://www.net-security.org/vuln.php?id=3018

> I'm confused again about what is being proposed: a public API 
> with some kind of runtime check to deny access, or a private
> API with a runtime check to allow access (doPrivileged?) ?
> The former still seems to need VM magic,

I'm proposing a public API in a special package that is not accessible
to untrusted code and this does not require any VM magic (just a proper
implementation of SecurityManager.checkPackageAccess())

Regards,
Jeroen
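
The proposal above as an added sketch (not code from this thread or from Classpath): once `gnu.classpath.` is listed in the `package.access` security property, the stock `SecurityManager.checkPackageAccess()` turns every access to that package into a check for `RuntimePermission("accessClassInPackage.<pkg>")`. The `DemoManager` class and the `gnu.classpath.foo` package name are hypothetical, and a JDK with a working Security Manager (Java 17 or earlier) is assumed.

```java
import java.security.Permission;
import java.security.Security;

public class PackageAccessDemo {
    // Hypothetical stand-in for the policy decision: "trusted" callers hold
    // every accessClassInPackage.* permission, untrusted callers hold none.
    static class DemoManager extends SecurityManager {
        private final boolean trusted;

        DemoManager(boolean trusted) { this.trusted = trusted; }

        @Override
        public void checkPermission(Permission perm) {
            if (!trusted && perm.getName().startsWith("accessClassInPackage.")) {
                throw new SecurityException("denied " + perm.getName());
            }
        }
    }

    // Runs the inherited checkPackageAccess() and reports the outcome.
    static String probe(SecurityManager sm, String pkg) {
        try {
            sm.checkPackageAccess(pkg);
            return "allowed";
        } catch (SecurityException e) {
            return e.getMessage();
        }
    }

    public static void main(String[] args) {
        // Append the restricted prefix to whatever the JDK already lists.
        // The trailing dot makes it cover the package and its subpackages.
        String current = Security.getProperty("package.access");
        String updated = (current == null || current.isEmpty())
                ? "gnu.classpath." : current + ",gnu.classpath.";
        Security.setProperty("package.access", updated);

        SecurityManager untrusted = new DemoManager(false);
        SecurityManager trusted = new DemoManager(true);

        // gnu.classpath.foo is a constructed package name for illustration.
        System.out.println("untrusted, gnu.classpath.foo: " + probe(untrusted, "gnu.classpath.foo"));
        System.out.println("trusted,   gnu.classpath.foo: " + probe(trusted, "gnu.classpath.foo"));
        System.out.println("untrusted, java.util:         " + probe(untrusted, "java.util"));
    }
}
```

The restriction only takes effect for real class loading when the class loader calls `checkPackageAccess()`, which is the part the message says Classpath does not have yet.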

