commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From robert burrell donkin <>
Subject Re: [logging] tech.xml - child-first classloading not considered harmful
Date Wed, 04 May 2005 20:38:41 GMT
On Wed, 2005-05-04 at 13:03 -0700, Mike Colbert wrote:
> > in the case of a parent-first classloader, the buggy implementation
> > would not be exposed since the call would be delegated to the system
> > classloader. in the case of a child-first classloader, a buggy
> > implementation may try to define SecurityManager itself and this bug
> > exploited.
> This would mean an attacker would have to take advantage of a bug in a class
> loader which allows them to load a malicious SecurityManager in such a way that
> it would be shared by all applications.  I can kind of see how parent-first
> delegation would mitigate this, but one would think that with appropriate
> levels of class loader isolation in place the delegation order becomes a
> non-issue.  Maybe the bug has something to do with broken isolation.

i was thinking that a malicious SecurityManager implementation might
allow an application to break out of it's sandbox but i'm not an expert
and this is really just speculation on my part. i don't think that this
kind of attack is any sort of realistic threat. this would be a good
time for craig to jump in...

- robert

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message