Security as of version 4.0
Tom Tromey
tromey@redhat.com
Mon May 2 23:31:00 GMT 2005
>>>>> "Stéphane" == Stéphane Konstantaropoulos <stephane@cs.york.ac.uk> writes:
Stéphane> I had a closer look at libgcj's code since the release of GCC 4.0
Stéphane> The first big flaws that are found are:
[ list omitted ]
Yeah, those are known problems for the most part. I hope that serious
work on security will happen this year. But, it is always hard to
tell.
Stéphane> This means there is no security checks done at all. Even though all the
Stéphane> rest (java.security.Policy, java.security.Security...) seems to be
Stéphane> implemented OK.
Actually, in libgcj we know that some required calls to
SecurityManager are not implemented. Many of them are in place, but
not all; for instance look through Class.
Stéphane> Is the signature/certificate of jars taken into account when loading a
Stéphane> jar?
I'm not certain.
Stéphane> Minor fixes should bring libgcj close to the java 2 security model.
Stéphane> This is encouraging
Yeah. I think I've posted the security to-do list here before. I
suppose it would be best as a bunch of PRs plus a meta-PR. I'll see
if I can do that.
I would really like to see test cases for all this stuff before we
start fixing bugs. The more complete the test suite, the more sure we
can be of not breaking things in the future.
Tom
More information about the Java
mailing list