Tue Apr 8 22:52:00 GMT 2003
Tom Tromey wrote:
> Well, if non-Object data is put into a RawData field, and untrusted
> Java code can somehow access such a field and cast it to Object, then
> this code can potentially crash the VM. For instance it could make a
> method call on some random pointer.

I see RawData->Object assignment as something that may confuse
a garbage collector, but I don't see it as adding any additional
security concerns. You still can't let untrusted code pass
around RawData. What if a RawData that comes from some
buffer management package is passed to some other package that
expects a RawData from some completely different data structure?
You can still crash the VM.

In general, RawData fields cannot be public, and public methods
cannot take RawData parameters or return RawData results.
Here "public" means "accessible to untrusted code", so
'protected' fields or methods are also dangerous.