This is the mail archive of the java@gcc.gnu.org mailing list for the Java project.
Restricting system access
- From: Thomas Hallgren <thhal at mailblocks dot com>
- To: java at gcc dot gnu dot org
- Date: Thu, 24 Feb 2005 23:46:07 +0100
- Subject: Restricting system access
Hi,

My project aims to provide Java to a database backend. The functions
that execute within that backend must be restricted from access to
external resources (such as the file system). Using a standard JVM, I
accomplish this by installing a SecurityManager.

The present gcj (I'm running from CVS head) requires "execute on
<<ALL FILES>>" by default and I've heard that work on gcj security has
just commenced.

I would like to know when you think that the GCJ security model will be
mature enough to allow me to create a system where I can prevent
virtually all file access. As a comparison, using a standard JVM I
restrict all FilePermissions except reads in "java.home". I'm not asking
for exact dates. I'm more interested in your priorities concerning this
and a very rough estimate.

Regards,
Thomas Hallgren
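
The restriction the message describes for a standard JVM (refuse every FilePermission except reads under java.home), as an added example that is not part of the original post or of the poster's project. The names FileLockdown, LockdownManager and permitted are hypothetical, and the path outside java.home is constructed sample input.

```java
import java.io.File;
import java.io.FilePermission;
import java.security.Permission;

public class FileLockdown {
    /** Refuses every FilePermission except "read" beneath java.home. */
    static final class LockdownManager extends SecurityManager {
        // A trailing "-" covers all files and subdirectories, recursively.
        private final FilePermission javaHomeRead = new FilePermission(
            System.getProperty("java.home") + File.separator + "-", "read");

        @Override
        public void checkPermission(Permission perm) {
            // Covers read, write, delete and execute (Runtime.exec) alike.
            if (perm instanceof FilePermission && !javaHomeRead.implies(perm)) {
                throw new SecurityException("file access denied: " + perm);
            }
            // Without this, restricted code could simply replace the manager.
            if (perm instanceof RuntimePermission
                    && "setSecurityManager".equals(perm.getName())) {
                throw new SecurityException("security manager is locked");
            }
            // Everything else is allowed (assumption, for brevity). The check
            // applies to every caller, trusted JDK code included, because
            // AccessController and the call stack are not consulted.
        }
    }

    /** True if the installed manager permits the access; the file need not exist. */
    static boolean permitted(String path, boolean write) {
        try {
            File f = new File(path);
            if (write) { f.canWrite(); } else { f.exists(); } // both consult the manager
            return true;
        } catch (SecurityException e) {
            return false;
        }
    }

    public static void main(String[] args) {
        String lib = System.getProperty("java.home") + File.separator + "lib";
        // Constructed sample path outside java.home.
        String outside = new File(System.getProperty("user.home"), "x.txt").getPath();
        System.setSecurityManager(new LockdownManager());
        System.out.println("read  java.home/lib : " + permitted(lib, false));
        System.out.println("write java.home/lib : " + permitted(lib, true));
        System.out.println("read  outside       : " + permitted(outside, false));
    }
}
```

The Security Manager was deprecated for removal in Java 17 (JEP 411), and from JDK 18 on System.setSecurityManager throws UnsupportedOperationException unless the JVM is started with -Djava.security.manager=allow.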