Return-Path: Delivered-To: apmail-felix-dev-archive@www.apache.org Received: (qmail 46152 invoked from network); 30 Jun 2009 18:22:59 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 30 Jun 2009 18:22:59 -0000 Received: (qmail 11178 invoked by uid 500); 30 Jun 2009 18:23:09 -0000 Delivered-To: apmail-felix-dev-archive@felix.apache.org Received: (qmail 11098 invoked by uid 500); 30 Jun 2009 18:23:09 -0000 Mailing-List: contact dev-help@felix.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@felix.apache.org Delivered-To: mailing list dev@felix.apache.org Received: (qmail 11087 invoked by uid 99); 30 Jun 2009 18:23:09 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 Jun 2009 18:23:09 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 Jun 2009 18:23:07 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 262D4234C004 for ; Tue, 30 Jun 2009 11:22:47 -0700 (PDT) Message-ID: <1273417316.1246386167151.JavaMail.jira@brutus> Date: Tue, 30 Jun 2009 11:22:47 -0700 (PDT) From: "Richard S. Hall (JIRA)" To: dev@felix.apache.org Subject: [jira] Created: (FELIX-1286) Module class loader should use secure action instead of a privileged block MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org Module class loader should use secure action instead of a privileged block -------------------------------------------------------------------------- Key: FELIX-1286 URL: https://issues.apache.org/jira/browse/FELIX-1286 Project: Felix Issue Type: Bug Components: Framework Affects Versions: felix-1.6.0, felix-1.6.1, felix-1.8.0 Reporter: Richard S. Hall Assignee: Richard S. Hall Fix For: felix-1.8.1 Due to some refactoring, the module class loader is no longer being created in a privileged block. Since creating a secure class loader is a protected operation, this is causing difficulties when running Felix with the security manager enabled. The refactoring made our existing SecureAction approach for performing secure actions in feasible (because the class loader became an instance inner class and cannot be created externally anymore). We need to think of a new way to do this, but at a minimum we should just put a doPriv() block right in the ModuleImpl class. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.