[icedtea-web] URLPermission in Java 8

Andrew Azores aazores at redhat.com
Wed Jun 18 16:55:36 UTC 2014


On 06/18/2014 12:17 PM, Omair Majid wrote:
> * Andrew Azores <aazores at redhat.com> [2014-06-18 11:56]:
>> If we go with reflection then we should be a little extra careful about it.
>> SecurityDesc#getSandboxPermissions gets called *a lot*.
>
> Then this isn't the code path to add this code.
>
> The classloader that creates a class gets to add a set of security
> permissions to that class. This is done once, when the class is
> created. If you can add the code there, then we should only pay the
> reflection cost once for each class.
>
> Thanks,
> Omair
>

Do we really want to exclude this permission from the reported set of 
permissions in the applet's SecurityDesc? Because setting it directly in 
the ClassLoader instead means that further attempts to determine the 
sandbox set applied to the applet will be incomplete if done through 
SecurityDesc, which doesn't sound good to me.

Thanks,

-- 
Andrew Azores
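
The trade-off discussed in this thread, as an added example that is not part of the original message and is not IcedTea-Web code: the reflective lookup of `java.net.URLPermission` (absent before Java 8) is resolved once, and a single method builds the set used both for reporting and for the class's `ProtectionDomain`, so the two cannot drift apart. The class name, method names and the codebase URL are hypothetical.

```java
import java.lang.reflect.Constructor;
import java.security.CodeSource;
import java.security.Permission;
import java.security.Permissions;
import java.security.ProtectionDomain;
import java.util.Collections;

public class SandboxPermissionsSketch {
    // Looked up once at class initialization; null when the runtime
    // has no java.net.URLPermission (anything older than Java 8).
    private static final Constructor<? extends Permission> URL_PERMISSION_CTOR = lookup();

    private static Constructor<? extends Permission> lookup() {
        try {
            return Class.forName("java.net.URLPermission")
                    .asSubclass(Permission.class)
                    .getConstructor(String.class);
        } catch (ReflectiveOperationException e) {
            return null; // older runtime: the permission is simply not added
        }
    }

    // Single source of truth for the sandbox set (hypothetical helper).
    static Permissions sandboxPermissions(String codebaseUrl) {
        Permissions perms = new Permissions();
        if (URL_PERMISSION_CTOR != null) {
            try {
                perms.add(URL_PERMISSION_CTOR.newInstance(codebaseUrl));
            } catch (ReflectiveOperationException e) {
                throw new IllegalStateException("cannot create URLPermission", e);
            }
        }
        return perms;
    }

    public static void main(String[] args) {
        // Constructed sample codebase; "/-" covers the directory recursively.
        Permissions reported = sandboxPermissions("http://example.com/applet/-");

        // The class loader side reuses the very same set when defining a class,
        // so anything inspecting the reported set sees what is enforced.
        ProtectionDomain domain =
                new ProtectionDomain(new CodeSource(null, (java.security.cert.Certificate[]) null), reported);

        for (Permission p : Collections.list(domain.getPermissions().elements())) {
            System.out.println(p);
        }
    }
}
```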

