tomcat-dev mailing list archives

From "Marsh David W Maj AFIT/ENG" <David.Ma...@afit.edu>
Subject RE: Security Assurance
Date Tue, 10 Jan 2006 16:23:31 GMT
Mladen Turk wrote:
> Marsh David W Maj AFIT/ENG wrote:
> > Tomcat Developers,
> > 
> > While I understand that the libraries and extensions used by Tomcat
> > *should* provide that assurance, what would happen if someone 
> > inadvertently wrote some code that could create a new object with 
> > rights never intended by developers?
> 
> What I would consider useful is a 'compile time note'
> that the code might be insecure, but trying to forbid any code during 
> execution time beyond existing execution security level is both out 
> of spec as well as completely useless.
> 
> So, if you find a way to introspect the possible harmful user written 
> code during compilation time, only then it would make some sense.
> 
> Regards,
> Mladen.

Thanks.  And yes, my thought is to provide feedback during development.
There would have to be a way to capture design intent through explicit
markers (or perhaps an inference) identifying both the protected code
and those code segments that are allowed to access the protected code.
These markers would be used by the analyzer to determine the [lack of]
conformity of the existing code to the stated intent.

David
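
An added illustration of the marker-plus-analyzer idea in the message above (not part of the original message and not Tomcat code): a Python sketch rather than Java, in which a checker parses source without running it and reports calls to, or instantiations of, protected code from functions that carry no access marker. The decorator names `protected` and `may_access_protected`, the sample source, and the purely name-based call matching are assumptions made for the example.

```python
import ast

# Constructed sample input: it is only parsed, never imported or executed.
SAMPLE = '''
@protected
class PrivilegedContext:
    pass

@protected
def read_secret():
    return "s3cr3t"

@may_access_protected
def container_bootstrap():
    ctx = PrivilegedContext()
    return read_secret()

def user_servlet():
    ctx = PrivilegedContext()
    return helper.read_secret()
'''

def _markers(node):
    """Names of bare-name decorators on a def/class (the hypothetical intent markers)."""
    return {d.id for d in node.decorator_list if isinstance(d, ast.Name)}

def _callee(call):
    """Simple name a call refers to syntactically: f(...) or obj.f(...)."""
    f = call.func
    return f.id if isinstance(f, ast.Name) else f.attr if isinstance(f, ast.Attribute) else None

def check_intent(source):
    """Return (caller, callee, line) for each access that breaks the stated intent."""
    tree = ast.parse(source)
    defs = [n for n in ast.walk(tree)
            if isinstance(n, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef))]
    protected = {n.name for n in defs if "protected" in _markers(n)}
    violations = []
    for fn in defs:
        if isinstance(fn, ast.ClassDef) or _markers(fn) & {"protected", "may_access_protected"}:
            continue  # protected code and declared accessors are allowed by intent
        for call in (n for n in ast.walk(fn) if isinstance(n, ast.Call)):
            if _callee(call) in protected:
                violations.append((fn.name, _callee(call), call.lineno))
    return sorted(violations, key=lambda v: v[2])

if __name__ == "__main__":
    for caller, callee, line in check_intent(SAMPLE):
        print(f"line {line}: {caller}() uses protected {callee} without an access marker")
```

Matching on names alone over-reports when an unrelated function shares a protected name and misses calls made through aliases, so this only stands in for the type-resolved analysis a real tool would need.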

