On Sat, 26 Jan 2008, Attila Szegedi wrote:
> You can rely on Java security facilities if you run your JVM under a security
> manager, and then use PolicySecurityController to force JS scripts to run in a
> low-privilege security context, as specified by the Java policy you specify on
> java command line. That way, they won't be able to do "nasty" things (like,
> read/write files they aren't meant to, open network connections etc.) and JRE
> will take care of enforcing that.
I had a look at this approach; the other issue I had was that my
application ran under a container - I had a fairly fine-grained and
dynamic security requirement. Nesting security managers is
"nontrivial", so I started with rough parameters for the policy and went
the rest of the way using an object capability approach.
Cheers,
jan
--
jan grant, ISYS, University of Bristol.
http://www.bris.ac.uk/   Tel +44 (0)117 3317661
http://ioctl.org/jan/
Talk is cheap: free, as in beer. As in Real Ale, not that Budweiser rubbish.
_______________________________________________
dev-tech-js-engine mailing list
dev-tech-js-engine@...
https://lists.mozilla.org/listinfo/dev-tech-js-engine
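As an added illustration of the approach Attila describes above (editor-added example code, not code from the thread, from jan's application or from the Rhino project): a minimal host that installs Rhino's PolicySecurityController and evaluates an untrusted script under a CodeSource that the Java policy grants nothing to. The paths under /opt/app, the policy file name sandbox.policy, the class name SandboxedRhino and the script text are assumptions made for the example.

```java
// Editor-added example (not code from the thread or from Rhino itself).
//
// Start the JVM with a security manager and an explicit policy, e.g.
//   java -Djava.security.manager -Djava.security.policy=sandbox.policy \
//        -cp /opt/app/lib/rhino.jar:/opt/app/lib/app.jar SandboxedRhino
//
// sandbox.policy (assumed content): the host's own jars get everything; the
// codebase that untrusted scripts are attributed to is deliberately absent,
// so it receives only the defaults, which cover neither files nor sockets.
//
//   grant codeBase "file:/opt/app/lib/-" {
//       permission java.security.AllPermission;
//   };
import java.net.MalformedURLException;
import java.net.URL;
import java.security.CodeSource;
import java.security.cert.Certificate;

import org.mozilla.javascript.Context;
import org.mozilla.javascript.PolicySecurityController;
import org.mozilla.javascript.RhinoException;
import org.mozilla.javascript.Scriptable;
import org.mozilla.javascript.SecurityController;

public class SandboxedRhino {

    // CodeSource that every untrusted script is attributed to. With
    // PolicySecurityController the "securityDomain" argument of Rhino's
    // evaluate/compile calls must be a java.security.CodeSource; the policy
    // entry (or lack of one) for that location decides what the script may do.
    private static final CodeSource UNTRUSTED;
    static {
        try {
            UNTRUSTED = new CodeSource(new URL("file:/opt/app/untrusted-scripts/"),
                                       (Certificate[]) null);
        } catch (MalformedURLException e) {
            throw new ExceptionInInitializerError(e);
        }
    }

    public static void main(String[] args) {
        // Without a SecurityManager the policy is never consulted and the
        // controller isolates nothing, so refuse to run at all.
        if (System.getSecurityManager() == null) {
            throw new IllegalStateException(
                "start the JVM with -Djava.security.manager -Djava.security.policy=sandbox.policy");
        }
        // Must be called once, before any Context is entered; a second call throws.
        SecurityController.initGlobal(new PolicySecurityController());

        // Constructed sample script: reaches the file system through
        // LiveConnect, which the policy above does not permit.
        String script = "var f = new java.io.File('/etc/passwd'); f.exists();";
        System.out.println(runUntrusted(script));
    }

    /** Evaluates script under the UNTRUSTED code source and reports the outcome. */
    static String runUntrusted(String script) {
        Context cx = Context.enter();
        try {
            Scriptable scope = cx.initStandardObjects();
            Object result = cx.evaluateString(scope, script, "untrusted.js", 1, UNTRUSTED);
            return "result: " + Context.toString(result);
        } catch (RhinoException e) {
            // A denied Java call surfaces as a WrappedException around
            // java.security.AccessControlException; the script did not get
            // past the policy either way.
            Throwable cause = e.getCause() != null ? e.getCause() : e;
            return "denied: " + cause;
        } finally {
            Context.exit();
        }
    }
}
```

Two practitioner caveats. First, a single `=` in `-Djava.security.policy=` augments the JRE's default policy; use `==` to replace it if the defaults are more than the scripts should have. Second, this bounds only what a script can reach through Java APIs: it does not limit CPU time or memory, and the SecurityManager it depends on was deprecated for removal in Java 17 (JEP 411) and permanently disabled in JDK 24 (JEP 486), so the approach is confined to older JDKs.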