Remove SecurityUtility
----------------------
Key: JBREM-1116
URL:
https://jira.jboss.org/jira/browse/JBREM-1116
Project: JBoss Remoting
Issue Type: Bug
Security Level: Public (Everyone can see)
Affects Versions: 2.5.0.SP2 (Flounder)
Reporter: Ron Sigal
Assignee: Ron Sigal
Priority: Critical
Fix For: 2.5.0.SP3 (Flounder)
org.jboss.remoting.util.SecurityUtility is a collection of static methods that wrap
security sensitive method calls in a java.security.PrivilegedActionException or a
java.security.PrivilegedExceptionAction. It has the advantage of avoiding cluttering the
calling code, but it has the significant disadvantage that any code can call these public
methods and, using the permissions granted to Remoting, bypass security restrictions.
The methods should be migrated out of SecurityUtility and made inaccessible.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira