avalon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Karasulu <aok...@bellsouth.net>
Subject Re: Re: [merlin] code security - ON or OFF
Date Thu, 22 Jan 2004 15:20:50 GMT
Niclas,

> Good point, but it is likely that the 'outer container' (Tomcat or whatever) 
> has established not only the security manager, but more importantly the 
> policy for the Merlin container. In such case, we would need to handle the 
> case where we are not allowed to further restrain the permssions of the 
> thread (i.e. if we don't have createAccessControlContext (or what ever it is 
> called) rights).

Stupid question but just wondering.

Would this still be an issue if Merlin is deemed a privledged peice of 
code running in the embedding container?  

Alex



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@avalon.apache.org
For additional commands, e-mail: dev-help@avalon.apache.org


Mime
View raw message