This is the mail archive of the java@gcc.gnu.org mailing list for the Java project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Security in libgcj

From: Stéphane Konstantaropoulos <stephane at cs dot york dot ac dot uk>
To: java at gcc dot gnu dot org
Date: Tue, 22 Mar 2005 17:00:56 +0000
Subject: Security in libgcj
Organization: Computer Science, University of York

Hi All,

I am working on an implementation of an Gecko/OJI plugin based on
libgcj. My goal is to specify formally the whole security aspect of
loading classes and executing them.

While I do this abstract work I have a few questions on the libgcj
implementation of security.

- Do you aim at implementing the Java2 model? (with fine-grained
permissions) if so, where are the permissions stored (like in
$JAVA_HOME/lib/security or something)

- Is the Security manager a concrete class that respects those
permissions?

- Will any class loaded with URLClassLoader or another ClassLoader be
submitted to SecurityManager checks if it is natively compiled? (This
would be nice!)

- How does it work internally? ie how does it isolate Security contexts
and how does it keep track of the call stacks to find which class is or
isn't allowed to do such and such things?

If this is documented somewhere, just give a pointer to it.

Thanks for your help indeed.

-- 
StÃphane Konstantaropoulos
- Research Student, Computer Science
-- University of York, http://www-users.cs.york.ac.uk/~stephane

Attachment: signature.asc
Description: Ceci est une partie de message=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=

Follow-Ups:
- Re: Security in libgcj
  - From: Tom Tromey

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]