I guess it could be designed in by noting what permissions are required
in the source code. It is possible that the tool might miss a permission
based on the execution path. That's one thing I like about OSGi
bundles, the author of the bundle specifies the permissions required to
execute the code in the bundle.
The tool should be a good start. Perhaps we might want to consider
privileged code blocks, so the permissions aren't used for gaining
access to anything else. Just a thought.
If you come up with any thoughts or ideas, please let me know.
Cheers,
Peter.
QCG - Sim IJskes wrote:
Peter Firmstone wrote:
First use this tool to log the required set of permissions:
com.sun.jini.tool.DebugDynamicPolicyProvider
I can do that, but shouldn't these be designed instead of measured?
Gr. Sim
