Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id CDDE3200D23 for ; Thu, 19 Oct 2017 16:09:03 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id CC5A51609ED; Thu, 19 Oct 2017 14:09:03 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 4505C1609E2 for ; Thu, 19 Oct 2017 16:09:03 +0200 (CEST) Received: (qmail 46041 invoked by uid 500); 19 Oct 2017 14:09:02 -0000 Mailing-List: contact user-help@commons.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Commons Users List" Delivered-To: mailing list user@commons.apache.org Received: (qmail 46029 invoked by uid 99); 19 Oct 2017 14:09:02 -0000 Received: from mail-relay.apache.org (HELO mail-relay.apache.org) (140.211.11.15) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 19 Oct 2017 14:09:02 +0000 Received: from mail-ua0-f176.google.com (mail-ua0-f176.google.com [209.85.217.176]) by mail-relay.apache.org (ASF Mail Server at mail-relay.apache.org) with ESMTPSA id BC81A1A04DE for ; Thu, 19 Oct 2017 14:09:01 +0000 (UTC) Received: by mail-ua0-f176.google.com with SMTP id n38so6053273uai.11 for ; Thu, 19 Oct 2017 07:09:01 -0700 (PDT) X-Gm-Message-State: AMCzsaVrJQ16nthr8yPFsrnCjm12pKuD3bAlz9W5/GalGRO0fHFKxXA7 0ZBEvBK8XD+W/yaog69K/OBM3YUicoOKILOEhcI= X-Google-Smtp-Source: ABhQp+T9ARndJQfSY3CWrfxrk1i2cUw6imJKAcYK4diU9kMlBlhnyOScl+eYBC2UaiTwpQTqMmhjuXvmnO2nwxDY8qc= X-Received: by 10.176.70.97 with SMTP id z33mr1280884uab.107.1508422140753; Thu, 19 Oct 2017 07:09:00 -0700 (PDT) MIME-Version: 1.0 Received: by 10.103.149.22 with HTTP; Thu, 19 Oct 2017 07:09:00 -0700 (PDT) From: Woonsan Ko Date: Thu, 19 Oct 2017 10:09:00 -0400 X-Gmail-Original-Message-ID: Message-ID: Subject: [JEXL] white list classes, not by interfaces? To: Commons Users List Content-Type: text/plain; charset="UTF-8" archived-at: Thu, 19 Oct 2017 14:09:04 -0000 Hi, I'm experimenting it with JexlSandbox (for blackbox mode) of v3.1 like the following example: JexlSandbox sandbox = new JexlSandbox(false); sandbox.white(IFoo.class.getName()); // ... JexlEngine engine = new JexlBuilder().sandbox(sandbox).create(); But if I put an instance of FooImpl (implementing IFoo interface) for instance, the JEXL interpreter doesn't seem to be able to resolve IFoo's methods. If I add FooImpl.class.getName() to the white list, then it starts resolving the method call without a problem. So, I assume the sandbox permission handling might be checking the implementation class name only. Is it true? If so, wouldn't it be nice if it can check its interfaces as well? When providing an interpreting env using JEXL, I think it's very common to separate the interfaces from various implementations. Regards, Woonsan --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscribe@commons.apache.org For additional commands, e-mail: user-help@commons.apache.org