Secure remote classloading
--------------------------
Key: JBREM-929
URL:
http://jira.jboss.com/jira/browse/JBREM-929
Project: JBoss Remoting
Issue Type: Task
Security Level: Public (Everyone can see)
Reporter: David Lloyd
Fix For: 3.0.0-M3
Remote classloading should be allowed only if either (a) a security manager is installed
(and thus the security manager would create the policy) or (b) a specific option is
enabled (which would be disabled by default) to allow it.
Also, the remote classloader needs to be able to work with the standard security manager
policy - which is to say, that classes loaded from a remote service need to have a unique
codeBase URL so that administrators can grant permission to remote classes based on the
service from whence they came.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira