[jboss-dev-forums] [Design of POJO Server] - Total disregard for privileged operations
anil.saldhana@jboss.com
do-not-reply at jboss.com
Fri Nov 7 17:09:36 EST 2008
Basically all across our code base (mainly the org projects that come in as libraries) have total disregard for sensitive operations that need to be going in privileged blocks (after deciding whether these operations are part of what these libraries need and not something the caller of these libraries should have).
Basically, we are doing set context class loader, setting system properties at will as examples.
Examples:
https://jira.jboss.org/jira/browse/JBMESSAGING-1446
and such as:
http://anonsvn.jboss.org/repos/jbossas/trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatService.java
| System.setProperty("catalina.ext.dirs", (System.getProperty("jboss.server.home.dir") + File.separator + "lib"));
|
I have this jira issue for AS5:
https://jira.jboss.org/jira/browse/JBAS-5988
I have updated the AS5 testsuite sec policy as much as possible (work in progress).
http://anonsvn.jboss.org/repos/jbossas/trunk/testsuite/src/resources/securitymgr/server.policy
We need better control of permissions for things such as Common Criteria Evaluation.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4187842#4187842
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4187842
More information about the jboss-dev-forums
mailing list