incubator-yoko-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: UtilImpl needs permission to construct a SecurityManager???
Date Sun, 04 Mar 2007 20:33:45 GMT
See YOKO-302.  I don't see any bad effects from proceeding without  
the security manager if we can't create it.

thanks
david jencks

On Mar 4, 2007, at 1:46 PM, David Jencks wrote:

> I've run into a situation where I'm trying to use yoko in an  
> environment where it doesn't have permission to create a security  
> manager.  UtilImpl and UtilLoader have the same code with a static  
> field
>
>     // Note: this field must be declared before the static  
> intializer that calls Util.loadClass
>     // since that method will call loadClass0 which uses this  
> field... if it is below the static
>     // initializer the _secman field will be null
>     private static final SecMan _secman = new SecMan();
>
>     static class SecMan extends java.rmi.RMISecurityManager {
>         public Class[] getClassContext() {
>             return super.getClassContext();
>         }
>     }
>
> which is used in an attempt to load a class:
>
>         ClassLoader stackLoader = null;
>         Class[] stack = _secman.getClassContext();
>         for (int i = 1; i < stack.length; i++) {
>             stackLoader = stack[i].getClassLoader();
>             if (stackLoader != null)
>                 break;
>         }
>
>         if (stackLoader != null) {
>             try {
>                 result = stackLoader.loadClass(name);
>             } catch (ClassNotFoundException ex) {
>                 // skip //
>             }
>
>             if (result != null) {
>                 return result;
>             }
>         }
>
>
>
> obviously, in an environment where we don't have permission to  
> create a security manager this will fail.
>
> I can't say I'm an expert on security managers or the classloading  
> that's being attempted here.  What bad things would happen if we  
> left _secman null if we can't construct this security manager and  
> checked it was there before trying to use it?
>
>
> thanks
> david jencks
>


Mime
View raw message