Can I disable the ability to call java code from rhino?

Can I disable the ability to call java code from rhino?

by Keithgchapman

Hi,

I understand that I can call Java code directly from within Rhino. Is
there a configuration setting or something that can disable this
feature?

For example, I don't want a script having
java.lang.System.exit(0);
bring down the whole system. Is there any way I can control this?

Thanks,
Keith.
_______________________________________________
dev-tech-js-engine mailing list
dev-tech-js-engine@...
https://lists.mozilla.org/listinfo/dev-tech-js-engine

Re: Can I disable the ability to call java code from rhino?

by Norris Boyd-2

On Jan 22, 5:07 am, keith <keithgchap...@...> wrote:

> Hi,
>
> I understand that I can call Java code directly from Within Rhino. Is
> there a configuration setting or something that can disable this
> feature?
>
> for e.g I dont want a script having
> java.lang.System.exit(0);
> bring down the whole system. Is there anyway I can control this.
>
> Thanks,
> Keith.

(Please use mozilla.dev.tech.js-engine.rhino in the future.)

Take a look at the following method and class:

http://www.mozilla.org/rhino/apidocs/org/mozilla/javascript/Context.html#setClassShutter(org.mozilla.javascript.ClassShutter)
http://www.mozilla.org/rhino/apidocs/org/mozilla/javascript/ClassShutter.html

--N

Re: Can I disable the ability to call java code from rhino?

by Keithgchapman

Thanks Norris,

That's exactly what I was looking for.

Thanks,
Keith.

On Jan 22, 11:54 pm, Norris Boyd <norrisb...@...> wrote:

> On Jan 22, 5:07 am, keith <keithgchap...@...> wrote:
>
> > Hi,
>
> > I understand that I can call Java code directly from Within Rhino. Is
> > there a configuration setting or something that can disable this
> > feature?
>
> > for e.g I dont want a script having
> > java.lang.System.exit(0);
> > bring down the whole system. Is there anyway I can control this.
>
> > Thanks,
> > Keith.
>
> (Please use mozilla.dev.tech.js-engine.rhino in the future.)
>
> Take a look at the following method and class:
>
> http://www.mozilla.org/rhino/apidocs/org/mozilla/javascript/Context.h...)http://www.mozilla.org/rhino/apidocs/org/mozilla/javascript/ClassShut...
>
> --N


Re: Can I disable the ability to call java code from rhino?

by Keithgchapman

Hi Norris,

I did implement this interface as follows:

import org.mozilla.javascript.ClassShutter;

public class ClassShutterImpl implements ClassShutter {
    public boolean visibleToScripts(String fullClassName) {
        // For the moment we don't allow scripts to execute Java code:
        // only Rhino's own classes are visible.
        return fullClassName.startsWith("org.mozilla.javascript");
    }
}

and set this in the context. When I execute the following script

function foo(){
x = 10;
}
java.lang.System.exit(0);

I get this error. Is there a way that I can throw a more meaningful
error? Maybe something like "sorry we do not allow you to run Java
code through LiveConnect".


 caused org.mozilla.javascript.EcmaError: TypeError: exit is not a
function, it is org.mozilla.javascript.NativeJavaPackage. (test#4)

Is there a better way I can do this?

thanks,
Keith.


On Jan 22, 11:54 pm, Norris Boyd <norrisb...@...> wrote:

> On Jan 22, 5:07 am, keith <keithgchap...@...> wrote:
>
> > Hi,
>
> > I understand that I can call Java code directly from Within Rhino. Is
> > there a configuration setting or something that can disable this
> > feature?
>
> > for e.g I dont want a script having
> > java.lang.System.exit(0);
> > bring down the whole system. Is there anyway I can control this.
>
> > Thanks,
> > Keith.
>
> (Please use mozilla.dev.tech.js-engine.rhino in the future.)
>
> Take a look at the following method and class:
>
> http://www.mozilla.org/rhino/apidocs/org/mozilla/javascript/Context.h...)http://www.mozilla.org/rhino/apidocs/org/mozilla/javascript/ClassShut...
>
> --N


Re: Can I disable the ability to call java code from rhino?

by Keithgchapman

Hi Norris,

I tried this, but then accessing host objects fails with exceptions such
as Access to Java class "java.lang.String" is prohibited. I want to
prohibit running Java code directly from JavaScript but I want to
expose my host objects. What's the best way to do this?

Thanks,
Keith

On Jan 23, 9:41 pm, keith <keithgchap...@...> wrote:

> Hi Norris,
>
> I did implement this interface as follows
>
> public class ClassShutterImpl implements ClassShutter {
>     public boolean visibleToScripts(String fullClassName) {
>         // For the moment we dont allow to execute java code
>         return fullClassName.startsWith("org.mozilla.javascript");
>     }
>
> }
>
> and set this in the context. When i execute the following script
>
> function foo(){
> x = 10;}
>
> java.lang.System.exit(0);
>
> I get this error, Is there a way that I can throw a more meaningfull
> error. May be something like "sorry we do not allow you to run Java
> code through LiveConnect".
>
>  caused org.mozilla.javascript.EcmaError: TypeError: exit is not a
> function, it is org.mozilla.javascript.NativeJavaPackage. (test#4)
>
> Is there a better way I can do this?
>
> thanks,
> Keith.
>
> On Jan 22, 11:54 pm, Norris Boyd <norrisb...@...> wrote:
>
> > On Jan 22, 5:07 am, keith <keithgchap...@...> wrote:
>
> > > Hi,
>
> > > I understand that I can call Java code directly from Within Rhino. Is
> > > there a configuration setting or something that can disable this
> > > feature?
>
> > > for e.g I dont want a script having
> > > java.lang.System.exit(0);
> > > bring down the whole system. Is there anyway I can control this.
>
> > > Thanks,
> > > Keith.
>
> > (Please use mozilla.dev.tech.js-engine.rhino in the future.)
>
> > Take a look at the following method and class:
>
> >http://www.mozilla.org/rhino/apidocs/org/mozilla/javascript/Context.h......
>
> > --N


Re: Can I disable the ability to call java code from rhino?

by jan.grant

On Fri, 25 Jan 2008, keith wrote:

> Hi Norris,
>
> I tried this but then accessing host objects fail with exceptions such
> as Access to Java class "java.lang.String" is prohibited. I want to
> prohibit running java code directly from javascript but I want to
> expose my host objects. Whats the best way to do this?

I had a bit of a stab at this: ditched the importing of Package into the
namespace and got rid of getClass and other routes to the classloader.
Then whatever APIs I expose to the environment (ie, the graph of
reachable types) seems pretty much under control.

It's being able to implement object capabilities via that "reachable
through calls" graph (which finds troublesome calls under the base class
Object) that seems the most natural way to achieve what I'm after: but
then I'm interested in running JS of a low trust level.

Still not convinced my approach was watertight; it'd be interesting to
hear how others are doing this.

Cheers,
jan

--
jan grant, ISYS, University of Bristol. http://www.bris.ac.uk/
Tel +44 (0)117 3317661   http://ioctl.org/jan/
OORDBMSs make me feel old; I remember when this was all fields.

Re: Can I disable the ability to call java code from rhino?

by Norris Boyd-2

Well, if you can figure out a set of objects like java.lang.String
that you're happy to expose to JavaScript, then you can allow those
through ClassShutter. If you delete the top-level "java" property,
then users can only get to those objects via your host objects, for
what that's worth.

--N

On Jan 25, 3:41 pm, keith <keithgchap...@...> wrote:

> Hi Norris,
>
> I tried this but then accessing host objects fail with exceptions such
> as Access to Java class "java.lang.String" is prohibited. I want to
> prohibit running java code directly from javascript but I want to
> expose my host objects. Whats the best way to do this?
>
> Thanks,
> Keith
>
> On Jan 23, 9:41 pm, keith <keithgchap...@...> wrote:> Hi Norris,
>
> > I did implement this interface as follows
>
> > public class ClassShutterImpl implements ClassShutter {
> >     public boolean visibleToScripts(String fullClassName) {
> >         // For the moment we dont allow to execute java code
> >         return fullClassName.startsWith("org.mozilla.javascript");
> >     }
>
> > }
>
> > and set this in the context. When i execute the following script
>
> > function foo(){
> > x = 10;}
>
> > java.lang.System.exit(0);
>
> > I get this error, Is there a way that I can throw a more meaningfull
> > error. May be something like "sorry we do not allow you to run Java
> > code through LiveConnect".
>
> >  caused org.mozilla.javascript.EcmaError: TypeError: exit is not a
> > function, it is org.mozilla.javascript.NativeJavaPackage. (test#4)
>
> > Is there a better way I can do this?
>
> > thanks,
> > Keith.
>
> > On Jan 22, 11:54 pm, Norris Boyd <norrisb...@...> wrote:
>
> > > On Jan 22, 5:07 am, keith <keithgchap...@...> wrote:
>
> > > > Hi,
>
> > > > I understand that I can call Java code directly from Within Rhino. Is
> > > > there a configuration setting or something that can disable this
> > > > feature?
>
> > > > for e.g I dont want a script having
> > > > java.lang.System.exit(0);
> > > > bring down the whole system. Is there anyway I can control this.
>
> > > > Thanks,
> > > > Keith.
>
> > > (Please use mozilla.dev.tech.js-engine.rhino in the future.)
>
> > > Take a look at the following method and class:
>
> > >http://www.mozilla.org/rhino/apidocs/org/mozilla/javascript/Context.h......
>
> > > --N
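
Added example (not code from the thread or from the Rhino project): one way to combine the suggestions in this message, an allow-list ClassShutter plus deleting the top-level Java entry points, so that a host object stays usable. The Greeter host object, the class name ShutterDemo and the allow-list contents are assumptions; it needs Rhino on the classpath and Java 9 or later.

```java
import java.util.Set;
import org.mozilla.javascript.Context;
import org.mozilla.javascript.ScriptableObject;

public class ShutterDemo {
    // Hypothetical host object: the only Java API scripts are meant to reach.
    public static class Greeter {
        public String greet(String name) { return "hello " + name; }
    }

    // Exact-match allow-list (assumed contents). java.lang.String is listed
    // because Rhino wraps the String returned by greet() as a Java object.
    static final Set<String> ALLOWED =
        Set.of("java.lang.String", Greeter.class.getName());

    // Top-level properties that hand scripts a route into arbitrary Java.
    static final String[] JAVA_GLOBALS = {
        "Packages", "java", "javax", "org", "com", "edu", "net",
        "getClass", "JavaAdapter", "JavaImporter"
    };

    static void run(Context cx, ScriptableObject scope, String src) {
        try {
            Object result = cx.evaluateString(scope, src, "demo", 1, null);
            System.out.println(src + " -> " + Context.toString(result));
        } catch (RuntimeException e) {
            // One place to turn Rhino's error into a friendlier message.
            System.out.println(src + " -> Java access is not available to scripts ("
                + e.getMessage() + ")");
        }
    }

    public static void main(String[] args) {
        Context cx = Context.enter();
        try {
            cx.setClassShutter(ALLOWED::contains);
            ScriptableObject scope = cx.initStandardObjects();
            for (String name : JAVA_GLOBALS) {
                scope.delete(name);
            }
            ScriptableObject.putProperty(scope, "greeter",
                Context.javaToJS(new Greeter(), scope));
            run(cx, scope, "greeter.greet('keith')");    // host object call
            run(cx, scope, "java.lang.System.exit(0)");  // "java" global is gone
            run(cx, scope, "greeter.getClass()");        // Class is not allow-listed
        } finally {
            Context.exit();
        }
    }
}
```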


Re: Can I disable the ability to call java code from rhino?

by Attila Szegedi-3

You can rely on Java security facilities if you run your JVM under a
security manager, and then use PolicySecurityController to force JS
scripts to run in a low-privilege security context, as specified by
the Java policy you specify on the java command line. That way, they won't
be able to do "nasty" things (like read/write files they aren't meant
to, open network connections, etc.) and the JRE will take care of enforcing
that.

Attila.

On 2008.01.25., at 21:50, Jan Grant wrote:

> On Fri, 25 Jan 2008, keith wrote:
>
>> Hi Norris,
>>
>> I tried this but then accessing host objects fail with exceptions  
>> such
>> as Access to Java class "java.lang.String" is prohibited. I want to
>> prohibit running java code directly from javascript but I want to
>> expose my host objects. Whats the best way to do this?
>
> I had a bit of a stab at this: ditched the importing of Package into  
> the
> namespace and got rid of getClass and other routes to the classloader.
> Then whatever APIs I expose to the environment (ie, the graph of
> reachable types) seems pretty much under control.
>
> It's being able to implement object capabilities via that "reachable
> through calls" graph (which finds troublesome calls under the base  
> class
> Object) that seems the most natural way to achieve what I'm after: but
> then I'm interested in running JS of a low trust level.
>
> Still not convinced my approach was watertight; it'd be interesting to
> hear how others are doing this.
>
> Cheers,
> jan
>
> --
> jan grant, ISYS, University of Bristol. http://www.bris.ac.uk/
> Tel +44 (0)117 3317661   http://ioctl.org/jan/
> OORDBMSs make me feel old; I remember when this was all fields.
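
Added example (not from the thread or from the Rhino project) of the PolicySecurityController setup described in this message. The paths under /opt/app, the policy file name sandbox.policy and the class name PolicyDemo are assumptions, and it requires a JDK on which the Security Manager is still available.

```java
import java.net.URL;
import java.security.CodeSource;
import java.security.cert.Certificate;
import org.mozilla.javascript.Context;
import org.mozilla.javascript.PolicySecurityController;
import org.mozilla.javascript.Scriptable;
import org.mozilla.javascript.SecurityController;

// Constructed policy file sandbox.policy (paths are assumptions):
//
//   grant codeBase "file:/opt/app/lib/-" {
//       permission java.security.AllPermission;   // application and Rhino jars
//   };
//   grant codeBase "file:/opt/app/scripts/-" {
//   };                                            // scripts: no permissions
//
// Started with:
//   java -Djava.security.manager -Djava.security.policy=sandbox.policy \
//        -cp "/opt/app/lib/*" PolicyDemo
public class PolicyDemo {
    public static void main(String[] args) throws Exception {
        // Install once per JVM, before any script is evaluated.
        SecurityController.initGlobal(new PolicySecurityController());

        // PolicySecurityController expects a CodeSource as the security
        // domain; its URL is matched against the codeBase entries above.
        CodeSource untrusted = new CodeSource(
            new URL("file:/opt/app/scripts/untrusted.js"), (Certificate[]) null);

        Context cx = Context.enter();
        try {
            Scriptable scope = cx.initStandardObjects();
            try {
                // The script frames run with the empty permission set, so the
                // security manager refuses the exit request.
                cx.evaluateString(scope, "java.lang.System.exit(0)",
                    "untrusted.js", 1, untrusted);
            } catch (RuntimeException e) {
                System.out.println("denied: " + e);
            }
        } finally {
            Context.exit();
        }
    }
}
```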

Re: Can I disable the ability to call java code from rhino?

by jan.grant

On Sat, 26 Jan 2008, Attila Szegedi wrote:

> You can rely on Java security facilities if you run your JVM under a security
> manager, and then use PolicySecurityController to force JS scripts to run in a
> low-privilege security context, as specified by the Java policy you specify on
> java command line. That way, they won't be able to do "nasty" things (like,
> read/write files they aren't meant to, open network connections etc.) and JRE
> will take care of enforcing that.

I had a look at this approach; the other issue I had was that my
application ran under a container - I had a fairly fine-grained and
dynamic security requirement. Nesting security managers is
"nontrivial", so I started with rough parameters for the policy and went
the rest of the way using an object capability approach.

Cheers,
jan


--
jan grant, ISYS, University of Bristol. http://www.bris.ac.uk/
Tel +44 (0)117 3317661   http://ioctl.org/jan/
Talk is cheap: free, as in beer. As in Real Ale, not that Budweiser rubbish.