Janino / JANINO-66

Security: restrict package access

    Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Labels: None
    • Number of attachments: 1

      Description

      This issue was originally created on the USER mailing list and was moved here automatically.

      --------------------------------------------

      [janino-user] Security: restrict package access
      karg_a@hotmail.com
      user@janino.codehaus.org
      16.08.2006 12:22
      user@janino.codehaus.org

      I would like to restrict package access for the code fragments
      compiled and executed by Janino ExpressionParser. The Janino compiled code
      should only be able to access methods of the superclass that it
      implements and from the java.lang.* package. The methods of that superclass,
      that are implemented in my source code, should then be able to call whatever
      they want again.

      In other words: the thread that executes the JaninoExpressions should,
      within the Janino code, be restricted to only have access to classes within
      specified packages, and as soon as it comes back to my code, the thread
      should have full access again.

      We use janino to make parts of our application configurable. Without the
      restriction this would be too big a security breach.

      Some keywords I have been googling, but without much success:

      • ProtectionDomain
      • checkPackage
      • SecurityManager
      • SandBox
      • sealed package

      but I did not manage to achieve anything.

      Is it doable at all? Any hints or even example code snippets?

      Thx

        Activity

        Arno Unkrig added a comment -

        Hi there,

        I'd like to not build access restrictions into JANINO but keep them as separate as possible from JANINO itself.

        I experimented a while ago with the attached "SandBox.java", which implements an AccessController with zero permissions. Maybe what you want can be achieved through a custom AccessController? Please check; I'm not really firm with Java's access control mechanisms.

        Another approach could be to write a custom ClassLoader that restricts access to certain classes depending on certain conditions, e.g. which class attempts to load the class in question. Could that work?

        Again, I do not want to build "security" into JANINO, because that shifts the responsibility for security into JANINO, and there is no good reason to.

        CU

        Arno
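
Added example, not part of the original thread and neither JANINO's own code nor the attached SandBox.java: one way to build the custom ClassLoader mentioned in the comment above, as a loader that refuses every class name outside an allowlist. The class name RestrictedClassLoader, the policy sets and java.util.List as a stand-in for the script's superclass are assumptions, as is the premise that the compiled code resolves its classes through this loader as its parent.

```java
import java.util.Set;

/** Hypothetical filtering loader: only allowlisted names reach the real parent. */
public class RestrictedClassLoader extends ClassLoader {
    private final Set<String> allowedPackages; // exact package names, subpackages not included
    private final Set<String> allowedClasses;  // individual classes, e.g. the script's superclass
    private final Set<String> deniedClasses;   // carve-outs inside an allowed package

    public RestrictedClassLoader(ClassLoader parent, Set<String> allowedPackages,
                                 Set<String> allowedClasses, Set<String> deniedClasses) {
        super(parent);
        this.allowedPackages = allowedPackages;
        this.allowedClasses = allowedClasses;
        this.deniedClasses = deniedClasses;
    }

    @Override
    protected Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundException {
        // Refuse before delegating, so a denied class is never handed to the caller.
        if (!isAllowed(name)) {
            throw new ClassNotFoundException("Denied by sandbox policy: " + name);
        }
        return super.loadClass(name, resolve);
    }

    boolean isAllowed(String name) {
        if (deniedClasses.contains(name)) return false; // deny wins over any allow rule
        if (allowedClasses.contains(name)) return true;
        int dot = name.lastIndexOf('.');
        return allowedPackages.contains(dot < 0 ? "" : name.substring(0, dot));
    }

    public static void main(String[] args) { // Set.of needs Java 9 or later
        ClassLoader sandbox = new RestrictedClassLoader(
            RestrictedClassLoader.class.getClassLoader(),
            Set.of("java.lang"),
            Set.of("java.util.List"), // constructed stand-in for the superclass
            Set.of("java.lang.Runtime", "java.lang.ProcessBuilder", "java.lang.System",
                   "java.lang.Thread", "java.lang.Class", "java.lang.ClassLoader"));
        String[] probes = {"java.lang.String", "java.util.List", "java.io.File", "java.lang.Runtime"};
        for (String name : probes) { // constructed sample names
            try {
                sandbox.loadClass(name);
                System.out.println("allowed " + name);
            } catch (ClassNotFoundException e) {
                System.out.println("denied  " + name);
            }
        }
    }
}
```

Allowing java.lang as a whole would still expose classes such as Runtime and ProcessBuilder, which is why the sample policy carries a deny set. The filter only governs names resolved through this loader, so objects handed back by the allowed superclass are outside its control.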

        Arno Unkrig added a comment -

        I introduced the concept of "auxiliary classes" which will hopefully solve your problems.

        Will ship as 2.5.0 tonight.

        CU

        Arno


          People

          • Assignee: Arno Unkrig
          • Reporter: Arno Unkrig
          • Votes: 0
          • Watchers: 2
