[jbosstools-issues] [JBoss JIRA] (JBIDE-14843) arquillian validator security concerns
Max Rydahl Andersen (JIRA)
jira-events at lists.jboss.org
Wed Jun 12 12:05:55 EDT 2013
Max Rydahl Andersen created JBIDE-14843:
-------------------------------------------
Summary: arquillian validator security concerns
Key: JBIDE-14843
URL: https://issues.jboss.org/browse/JBIDE-14843
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: testing-tools
Reporter: Max Rydahl Andersen
Assignee: Snjezana Peco
Priority: Blocker
Fix For: 4.1.0.Beta2
the arquillian validator seem to be running automatically and without a controlling security manager.
With that behavior we are vunerable to file deletions, system exits and malicious code.
Just try adding this to a @Deployment method:
System.exit(0);
or even worse file deletions.
This is not okey - we need next release to not allow this to happen.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jbosstools-issues
mailing list