tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: WEB-INF classloading and on the fly compilation
Date Fri, 15 Sep 2000 01:02:10 GMT
> What Cocoon does today is to write the JAVA files in the servlet work
> directory (and I believe that's given in the specs), and perform a bunch
> of security-legal operations (like constructing a ClassLoader with the
> WEB-APP classloader as a parent... blablabla)...
> The only "security constraint" such a WEB-APP would require is to be
> able to construct  a classloader, and work in the work directory (even
> if this last one can be avoided, doing basically everything in
> memory)...

Creating a ClassLoader is not a security-legal operation for a sandboxed
application ( unless you use a special case of URLClassLoader ). In fact
it's considered a dangerous operation. 

Javac itself has a number of insecure operations inside - and jikes ( or
other C-based java compilers) are clearly out. 
It works with jasper because doPriviledged() is used - and jasper is
granted AllPermissions.

Of course, you can just disable security and grant all permissions to
all applications - the real problem is ( IMHO ) that you stretch too much
the servlet. Not everything must be a servlet. 

Or - write a simple interface for what you need and adapters for common
servers, and if someone has a very special setup he can create an adapter. 
Install cocoon ( or any system that is complex enough to require a
complier ) as a server extension. ( at least that's how jasper works )

Or you can put everything in a WAR box, and rewrite the compiler and
everything else to fit the init()/service() model. 


View raw message