[jboss-dev-forums] [Design of POJO Server] - Re: VFS Permissions - JBMICROCONT-149
adrian@jboss.org
do-not-reply at jboss.com
Mon Nov 10 10:00:34 EST 2008
"anil.saldhana at jboss.com" wrote : "adrian at jboss.org" wrote :
| | I also don't see the need for the permission to set the codesource generator.
| | If somebody can get access to the policy then can make all sorts of other
| | changes anyway. Getting access to the classloader
| | implementation objects is already controlled by
| |
| | | sm.checkCreateClassLoader();
| | |
| | checks.
|
| An uninitiated system administrator configuring the security manager policy can wrongly configure any user applications to have "all" permissions, which means any controls we have placed for security are negated (including checkCreateCL).
I don't see your point? If the administrator configures it wrong then
there's nothing we can do about it.
That's like saying you should ban cutlery because you can stab yourself in the eye
with a fork. ;-)
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188151#4188151
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188151
More information about the jboss-dev-forums
mailing list