[freenet-tech] Technology / Features

Mark Wielaard mark@klomp.org
Mon Feb 25 13:14:00 GMT 2002

• Previous message (by thread): [freenet-tech] Technology / Features
• Next message (by thread): [freenet-tech] Technology / Features
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Hi,
On Mon, 2002年02月25日 at 19:54, Brian Jones wrote:
>> Unless I'm missing something, the libraries probably aren't doing
> enough of the required API level security checks that are supposed to
> be going on. Of course, I may be wrong. Classpath's default security
> provider does nothing anyway. Adam could be referring to something
> else.

Also note that our java.util.jar package does not do Certificate lookups
and checking which makes it impossible for the URLClassLoader to set the
ProtectionDomain correct for classes.
Letting java.util.jar handle Certificates correctly should not be such a
big/difficult task to implement (although it is a long time ago that I
implemented that package. And there is probably a reason that I didn't
implement it back then, but maybe it was just the fact that we had no
java.security yet. I don't really remember). So if someone is looking
for a fun thing to hack on...
Cheers,
Mark

---

• Previous message (by thread): [freenet-tech] Technology / Features
• Next message (by thread): [freenet-tech] Technology / Features
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Java mailing list