commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bertrand Delacretaz <bdelacre...@apache.org>
Subject Eirik Bjørsnøs' notsoserial deserialization protection agent, for Commons?
Date Wed, 18 Nov 2015 21:58:56 GMT
Hi Commons PMC,

I'd like to introduce Eirik Bjørsnøs to this list (CCed) as the author
of the https://github.com/kantega/notsoserial agent.

I tested his agent in a variety of scenarios and it looks to me like a
great solution for the COLLECTIONS-580 deserialization issue, for
cases when one cannot modify their source code to use something like
IO-487.

I think this code would be a great addition to commons, probably as new module.

Eirik says he's open to donating his code if you the Commons PMC is
interested, what do you guys think?

Not that he did mention his tool here before [1] but it has since changed name.

-Bertrand

[1] http://mail-archives.apache.org/mod_mbox/commons-dev/201511.mbox/%3CCA+pBWhsQK6trGh9TtA7=MCs-Z0-7SRBndWo_D6awFtRku3J1+g@mail.gmail.com%3E

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
For additional commands, e-mail: dev-help@commons.apache.org


Mime
View raw message