This is the mail archive of the java@gcc.gnu.org mailing list for the Java project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: null ClassLoader

From: Adam Megacz <gcj at lists dot megacz dot com>
To: java at gcc dot gnu dot org
Date: 19 Dec 2001 18:43:38 -0800
Subject: Re: null ClassLoader
Organization: Myself
References: <Pine.LNX.4.10.10111280033000.9325-100000@mars.deadcafe.org> <87zo4epw15.fsf@creche.redhat.com>

Tom Tromey <tromey@redhat.com> writes:
> This all sounds pretty ugly.  How important is it that the class
> loader for, say, java.lang.Object be different from the class loader
> for org.user.Whatever?

AFAIK it's the (sketchy) cornerstone of a lot of java security
mechanisms. All classes such that getClassLoader() == null are trusted
as "priviledged", and can do Really Evil Things.

For example, such classes can effectively gain read access to private
fields on arbitrary objects -- see java.io.ObjectOutputStream.enableReplaceObject()

> Equivalently, we could change Class.getClassLoader so it only returns
> `null' for primitive classes.

That would probably do it.

To the best of my understanding, aside from being a simple method for
turning byte[] -> Class, ClassLoaders are also how you create multiple
provably-isolated "virtual sub-VMs" within a single VM.

  - a

Follow-Ups:
- Re: null ClassLoader
  - From: Tom Tromey

References:
- Re: null ClassLoader
  - From: Tom Tromey

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]