avalon-phoenix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Donald <pe...@apache.org>
Subject Re: Security policy -> Question!
Date Sat, 28 Sep 2002 02:15:55 GMT

On Thu, 26 Sep 2002 14:02, Mircea Toma wrote:
> I'm picking up on this discussion to find answer to a question that has
> buged me lately. A while ago we had a discussion about making available
> kernel services to blocks. We all know the benefits of that. The problem is
> how to protect the kernel from malicious/unknown code. The solution would
> be to create a few Phoenix specific Permission classes (such as
> DeployPermission, ApplicationPermission) and use the AccessController to
> check if the calling code has been granted access (configured in the
> general policy file). 

thats a pretty neat idea.

> So my question is why this solution was not chosen?

Partially because it also requires exposing the classloader containing all the 
interfaces for kernel and we have not had the infrastructure to do that. I am 
currently working on that ;)

> Because right now Phoenix is moving away from its original definition of
> "micro-kernel" by integrating more and more functionality into the kernel
> space (aka SystemManager, DeploymentMonitor ..).

yep. Those should definetly become hosted applications.


Peter Donald
| Every rule has an exception,   |
| except the rule of exceptions. |

To unsubscribe, e-mail:   <mailto:avalon-phoenix-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:avalon-phoenix-dev-help@jakarta.apache.org>

View raw message