|Subject||Re: [Firebird-Architect] External engines - security|
> AFAIU, SecurityManager and ClassLoader could work one with other.Yes.
> Our ClassLoader knows from where it loaded the classes.I guess we could... but I'd prefer not to - if we can define our
> So can't we write a SecurityManager that works with our ClassLoader,
> giving different permissions from classes loaded by sys or user directories?
requirements using the standard security model, we are more safe
compared to the case where we invent our own security model. If somebody
finds an exploit in our implementation of SecurityManager, it would not
bring us a lot of credibility in the future.