This is the mail archive of the java@gcc.gnu.org mailing list for the Java project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: null ClassLoader

From: Tom Tromey <tromey at redhat dot com>
To: Adam Megacz <gcj at lists dot megacz dot com>
Cc: java at gcc dot gnu dot org
Date: 21 Dec 2001 09:53:46 -0700
Subject: Re: null ClassLoader
References: <Pine.LNX.4.10.10111280033000.9325-100000@mars.deadcafe.org> <87zo4epw15.fsf@creche.redhat.com> <86vgf2pq5h.fsf@megacz.com>
Reply-to: tromey at redhat dot com

>>>>> "Adam" == Adam Megacz <gcj@lists.megacz.com> writes:

Adam> AFAIK it's the (sketchy) cornerstone of a lot of java security
Adam> mechanisms. All classes such that getClassLoader() == null are
Adam> trusted as "priviledged", and can do Really Evil Things.

Adam> For example, such classes can effectively gain read access to
Adam> private fields on arbitrary objects -- see
Adam> java.io.ObjectOutputStream.enableReplaceObject()

I looked at this.  I think that code is incorrect.  The spec says we
need to ask the SecurityManager instead.  I'll come up with a patch.

Tom> Equivalently, we could change Class.getClassLoader so it only
Tom> returns `null' for primitive classes.

Adam> That would probably do it.

I have a patch for this.  I'll check it in at some point.

Tom

Follow-Ups:
- Re: null ClassLoader
  - From: Adam Megacz

References:
- Re: null ClassLoader
  - From: Tom Tromey
- Re: null ClassLoader
  - From: Adam Megacz

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]