Hi Rio,
I moved your issue to
http://jira.codehaus.org/browse/JANINO-66, please check and comment there.
CU
Arno
rio schrieb:
> I would like to restrict package access for the code fragements
> compiled and executed by Janino ExpressionParser. The Janino compiled code
> should only be able to access methods of the superclass that it
> implements and from the java.lang.* package. The methods of that superclass,
> that are implemented in my source code, should than be able to call whatever
> they want again.
>
> In other words. The thread that executes the JaninoExpressions should
> within the Janino Code be restricted to only have access to classes withiin
> specified
> Packages, and as soon as it comes back to my code, the thread should have
> full access again.
>
> We use janino to make parts of our application configurable. Without the
> restriction
> this would be a too big security breach.
>
> Some keywords i have been googling but without much success:
> - ProtectionDomain
> - checkPackage
> - SecurityManager
> - SandBox
> - sealed package
> but I did not manage to achieve anything.
>
> Is it doable at all. Any hints or even example code snappets?
>
> Thx
---------------------------------------------------------------------
To unsubscribe from this list please visit:
http://xircles.codehaus.org/manage_email
