This is the mail archive of the java@gcc.gnu.org mailing list for the Java project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: gcj-security and some issues

On Tue, 2004-04-27 at 00:26, Michael Koch wrote:
> Your analysis seems quite correct BUT the biggest problem yet is that 
> StackTrace's implementation is just crap. The solution you provided is 
> nearly the same I did here some days ago until I found out that 
> StrackTrace is so dumb (it calls external apps to analyze the 
> stack ...). Bryce McKinley is working on a better solution. The base 
> has to be built first before we can build the roof.

A related question is: when it comes to security, how precise does our
stack tracing code have to be?

If we're primarily interested in identifying protection domains, are
there some short cuts we can make?  For instance, can we just map .so's
to protection domains, and then simply identify which .so a PC is
associated with (rather than go all they way down to the class level).

I think there are a couple of libgcj classes/methods we need to special
case (in reflection and doPriviliged maybe), but shouldn't the PC->.so
map be good enough for everything else?

AG

-- 
Anthony Green <green@redhat.com>
Red Hat, Inc.
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]