Subject Re: [Firebird-Architect] External engines - security
Author Roman Rokytskyy

> Roman, can't we have a directory structure like this:
> FB/java/classpath
> FB/java/classpath/sys
> FB/java/classpath/user
> And consider classpath/sys and classpath/user as different code sources
> with different permissions?
> Then we put Jaybird in classpath/sys and users classes should be put in
> classpath/user.

You can do this, but you don't get the desired result.

If you give socket permission to classes from FB/java/classpath/sys, but
not to classes from FB/java/classpath/user, you will get a
SecurityException unless the class from FB/java/classpath/sys uses a
doPrivileged(...) call. Read the Javadocs for the AccessController class -
that's the one responsible for permission checks.

> And in the future, with classes in blobs, that will be another code source.

The codeBase from the blob is going to be a complex issue. Very likely
it will be solved by thread context or by signedBy, not by codeBase. But
I will start thinking about this only after we solve all the issues in
other areas :)
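
The behaviour described in this message can be traced with a small model of the AccessController stack walk. This is an added example, not code from the thread, Firebird or Jaybird: it is a simplified Python model of the check rather than Java, the method names and policy grants are hypothetical, and it ignores inherited thread contexts and the doPrivileged variant that takes an AccessControlContext.

```python
from dataclasses import dataclass

SOCKET = "java.net.SocketPermission"  # used as a plain label in this model

# Constructed grants mirroring the directory layout proposed in the thread.
SYS = "FB/java/classpath/sys"
USER = "FB/java/classpath/user"
POLICY = {SYS: {SOCKET}, USER: set()}


class SecurityException(Exception):
    """Stands in for java.lang.SecurityException in this model."""


@dataclass(frozen=True)
class Frame:
    method: str               # hypothetical method name, for readability only
    code_source: str          # key into POLICY
    privileged: bool = False  # True if this frame called doPrivileged(...)


def check_permission(stack, permission):
    """Walk the call stack newest frame first.

    Every code source on the stack must hold the permission. The walk stops
    after a privileged frame, so that frame's callers are not examined.
    """
    for frame in reversed(stack):
        if permission not in POLICY[frame.code_source]:
            raise SecurityException(
                f"{frame.method} from {frame.code_source} lacks {permission}")
        if frame.privileged:
            break
    return True


def allowed(stack, permission=SOCKET):
    try:
        return check_permission(stack, permission)
    except SecurityException:
        return False


# Call stacks, oldest frame first (constructed sample input).
USER_CALLS_SYS = [Frame("UserProcedure.run", USER),
                  Frame("SysDriver.connect", SYS)]
USER_CALLS_SYS_PRIVILEGED = [Frame("UserProcedure.run", USER),
                             Frame("SysDriver.connect", SYS, privileged=True)]
USER_PRIVILEGED_ITSELF = [Frame("UserProcedure.openSocket", USER, privileged=True)]

if __name__ == "__main__":
    for name in ("USER_CALLS_SYS", "USER_CALLS_SYS_PRIVILEGED", "USER_PRIVILEGED_ITSELF"):
        print(name, "->", "allowed" if allowed(globals()[name]) else "SecurityException")
```

The last stack shows that a privileged block only asserts the permissions of the code source that contains it, so user code cannot use it to gain the socket permission.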