Return-Path: Delivered-To: apmail-ant-dev-archive@www.apache.org Received: (qmail 63314 invoked from network); 26 May 2005 22:36:28 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 26 May 2005 22:36:28 -0000 Received: (qmail 82595 invoked by uid 500); 26 May 2005 22:36:27 -0000 Delivered-To: apmail-ant-dev-archive@ant.apache.org Received: (qmail 82252 invoked by uid 500); 26 May 2005 22:36:26 -0000 Mailing-List: contact dev-help@ant.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Help: List-Post: List-Id: "Ant Developers List" Reply-To: "Ant Developers List" Delivered-To: mailing list dev@ant.apache.org Received: (qmail 82237 invoked by uid 99); 26 May 2005 22:36:26 -0000 X-ASF-Spam-Status: No, hits=0.2 required=10.0 tests=NO_REAL_NAME X-Spam-Check-By: apache.org Received: from ajax-1.apache.org (HELO ajax.apache.org) (192.87.106.226) by apache.org (qpsmtpd/0.28) with ESMTP; Thu, 26 May 2005 15:36:24 -0700 Received: by ajax.apache.org (Postfix, from userid 99) id 6AF4B180; Fri, 27 May 2005 00:36:22 +0200 (CEST) From: bugzilla@apache.org To: dev@ant.apache.org Subject: DO NOT REPLY [Bug 28546] - Ant should offer hierarchical resource containment X-Bugzilla-Reason: AssignedTo Message-Id: <20050526223622.6AF4B180@ajax.apache.org> Date: Fri, 27 May 2005 00:36:22 +0200 (CEST) X-Virus-Checked: Checked X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG� RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND� INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=28546 ------- Additional Comments From curt@developerx.com 2005-05-27 00:36 ------- "Could you elaborate on which resources, in addition to time (see ant-contrib's limit task), you would expect to be controlled here?" Basically everything that you might limit by a SecurityManager Permission or a security policy. http://java.sun.com/j2se/1.5.0/docs/guide/security/permissions.html http://java.sun.com/j2se/1.5.0/docs/guide/security/PolicyFiles.html Security conscious companies and Ant service providers ("build farms" and "test farms") will want to restrict access to files, sockets, native code, external executables, AWT, audio, etc... There are basically two scenarios that this provides solutions to. One build on a shared build server could be "arbitrarily incompetent". Such a build could attempt to delete all of the files the server in an attempt to clean-up after itself, accidentally run against production machines with test data, and on and on. All of these things are also true for a build that is actually malicious. This is just a mechanism to ensure that a build "can't hurt anything else" outside of some set of permissions it has been given. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org For additional commands, e-mail: dev-help@ant.apache.org