On Wed, 2005-05-04 at 13:03 -0700, Mike Colbert wrote: > > in the case of a parent-first classloader, the buggy implementation > > would not be exposed since the call would be delegated to the system > > classloader. in the case of a child-first classloader, a buggy > > implementation may try to define SecurityManager itself and this bug > > exploited. > > This would mean an attacker would have to take advantage of a bug in a class > loader which allows them to load a malicious SecurityManager in such a way > that > it would be shared by all applications. I can kind of see how parent-first > delegation would mitigate this, but one would think that with appropriate > levels of class loader isolation in place the delegation order becomes a > non-issue. Maybe the bug has something to do with broken isolation.
i was thinking that a malicious SecurityManager implementation might allow an application to break out of it's sandbox but i'm not an expert and this is really just speculation on my part. i don't think that this kind of attack is any sort of realistic threat. this would be a good time for craig to jump in... - robert --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
