JSP Servlet container / WEB server

Tom Tromey tromey@redhat.com
Mon Jul 21 22:37:00 GMT 2003

• Previous message (by thread): JSP Servlet container / WEB server
• Next message (by thread): gcj and XGraphicsConfiguration bugs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

>>>>> "Mohan" == Mohan Embar <gnustuff@thisiscool.com> writes:

>> This is true. The gcj libraries don't implement the Java security
>> sandbox.

Mohan> Do they not implement this at all?
There's some support, but it isn't complete. The current security
to-do list is:
* Add missing security checks (I checked in a patch yesterday that
 added a lot of them, but there are still a couple missing)
* Implement AccessController (thanks to Mark for pointing this out)
* Implement StackOverflowError
* Fix remaining verifier bugs (I have an unfinished patch that leaks
 memory...)
* Test, test, test
* Real security audit
If you want precompilation to be secure, add:
* Fix known bugs in gcj verifier
Tom

---

• Previous message (by thread): JSP Servlet container / WEB server
• Next message (by thread): gcj and XGraphicsConfiguration bugs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Java mailing list