| Subject | Re: [Firebird-Architect] External engines - security |
|---|---|
| Author | Adriano dos Santos Fernandes |
| Post date | 2007-10-21T22:43:04Z |
Roman Rokytskyy wrote:
AFAIU, SecurityManager and ClassLoader could work one with other.
Our ClassLoader knows from where it loaded the classes.
So can't we write a SecurityManager that works with our ClassLoader,
giving different permissions from classes loaded by sys or user directories?
Adriano
PS: I readed the documents when you uploaded, and I'm reading again.
>> Then we put Jaybird in classpath/sys and users classes should be put inOk, will read it, but let's try another thing first.
>> classpath/user.
>>
>
> You can do this, but you don't get the desired result.
>
> If you give socket permission on classes from FB/java/classpath/sys, but
> not to classes from FB/java/classpath/user, you will get
> SecurityException unless the class from FB/java/classpath/sys uses
> doPriviledged(...) call. Read the Javadocs for AccessController class -
> that's the one responsible for permission checks.
AFAIU, SecurityManager and ClassLoader could work one with other.
Our ClassLoader knows from where it loaded the classes.
So can't we write a SecurityManager that works with our ClassLoader,
giving different permissions from classes loaded by sys or user directories?
Adriano
PS: I readed the documents when you uploaded, and I'm reading again.