JSP Servlet container / WEB server

Andrew Haley aph@redhat.com
Sun Jul 20 11:33:00 GMT 2003

• Previous message (by thread): JSP Servlet container / WEB server
• Next message (by thread): JSP Servlet container / WEB server
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Mohan Embar writes:
 > Hi Lars,
 > 
 > >I have made a web server that compiles JSP pages and servlets into .so
 > >dynamic libraries using GCJ. The web engine itself is of course compiled
 > >with GCJ. 
 > >This makes for a compact, fast little web server!
 > 
 > Cool!
 > 
 > I know you said to continue the discussion elsewhere, but I've got one
 > gcj-related question which may or may not be sacrilegious for this list.
 > Doesn't running the webserver and compiled JSPs as native code
 > potentially bypass all of Java's purportedly wonderful security features?
 > I don't recall if I'm remembering this correctly, but isn't gcj somewhat
 > lacking in things like class verification and maybe even security checks?
This is true. The gcj libraries don't implement the Java security
sandbox.
 > I know there are a million ways to secure a webserver, but I kind of
 > like the idea of a real JVM being sort of a safety net.
It's not the jvm that provides this, but the libraries -- there's no
reason fully compiled Java can't be just as secure as a conventional
VM.
Andrew.

---

• Previous message (by thread): JSP Servlet container / WEB server
• Next message (by thread): JSP Servlet container / WEB server
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Java mailing list