Hi everyone! I have experimented with the Java security manager to see how it can be used to divide the XWiki platform into domains with different sets of privileges.
My initial thought was that a customized security manager would be necessary, but I now think that the standard security manager is sufficient. But unless I have missed something, the policy file will necessarily be complex, because it is not possible to place jar-files in different subdirectories in a servlet and therefore wildcarding cannot be used in the policy file.

But to simplify the policy management, I suggest using a tool at build-time to generate the policy file. More details about my thoughts on this can be found here: http://dev.xwiki.org/xwiki/bin/view/Drafts/Security+Manager

By enabling the security manager like this, we can allow unprivileged users to write Groovy and Python scripts as well as reducing the risk that references to exploitable objects leak to unprivileged Velocity scripts.

I have already started working on a Maven mojo for generating the policy file, and I will shortly add a feature branch for this.

Please let me know what you think.

Best Regards,
/Andreas
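Added example, not part of the original message and not the Maven mojo it mentions: a sketch of build-time generation that emits one `grant codeBase` entry per jar, since all jars share one directory and a wildcard cannot separate privilege domains. The domain names, jar names, permission sets and the Tomcat-style `webapps/xwiki` path are assumptions for illustration.

```java
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;

public class PolicyGenerator {
    // Hypothetical privilege domains (assumptions for illustration, not XWiki's actual policy).
    static final Map<String, List<String>> DOMAINS = new LinkedHashMap<>();
    static {
        DOMAINS.put("trusted", List.of("java.security.AllPermission"));
        DOMAINS.put("scripting", List.of(
            "java.util.PropertyPermission \"file.encoding\", \"read\"",
            "java.lang.RuntimePermission \"accessDeclaredMembers\""));
    }

    // Emits one grant entry per jar: every jar sits in the same WEB-INF/lib
    // directory, so a codeBase wildcard cannot tell the domains apart.
    static String generate(String libDir, Map<String, String> jarToDomain) {
        StringBuilder out = new StringBuilder();
        // TreeMap gives a stable, diff-friendly ordering of the generated file.
        for (Map.Entry<String, String> e : new TreeMap<>(jarToDomain).entrySet()) {
            List<String> perms = DOMAINS.get(e.getValue());
            if (perms == null) {
                // Fail the build rather than silently emit a wrong policy.
                throw new IllegalArgumentException(
                    "Unknown domain '" + e.getValue() + "' for " + e.getKey());
            }
            out.append("// domain: ").append(e.getValue()).append('\n')
               .append("grant codeBase \"file:").append(libDir).append('/')
               .append(e.getKey()).append("\" {\n");
            for (String perm : perms) {
                out.append("    permission ").append(perm).append(";\n");
            }
            out.append("};\n\n");
        }
        return out.toString();
    }

    public static void main(String[] args) {
        // Constructed sample mapping; the jar names are placeholders.
        Map<String, String> jars = Map.of(
            "example-core.jar", "trusted",
            "example-script-engine.jar", "scripting");
        // Assumed Tomcat-style deployment path; ${catalina.base} is expanded
        // by the policy file loader, not by this generator.
        System.out.print(generate("${catalina.base}/webapps/xwiki/WEB-INF/lib", jars));
    }
}
```

A jar that is left out of the mapping gets no `grant` entry of its own and so receives only the permissions of any grant block written without a `codeBase`, which means omissions fail closed.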

