<div dir="ltr"><div dir="ltr">I'm talking about sandboxing from the perspective of object capability patterns, where you can contain some actor inside a constrained classloader context and only allow execution through proxies that may be revoked. The JEE model, in theory, allows you to run several web applications without them stepping on each others toes, although I don't know how well implemented that is in practice.<div><br></div><div>BTW, Docker runs as root, so the virtual machine is where you get additional security: <a href="https://github.com/wsargent/docker-cheat-sheet#security">https://github.com/wsargent/docker-cheat-sheet#security</a></div></div></div><br><div class="gmail_quote"><div dir="ltr">On Mon, Sep 17, 2018 at 2:09 AM Alan Bateman <<a href="mailto:Alan.Bateman@oracle.com">Alan.Bateman@oracle.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
On 16/09/2018 20:37, Will Sargent wrote:<br>
<blockquote type="cite">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">> The <span class="m_1025753445889342746gmail-il">security</span> <span class="m_1025753445889342746gmail-il">manager</span> is legacy these days and
I think we need to figure out a plan how to deprecate and
eventually bury it.</div>
<div dir="ltr"><br>
</div>
<div dir="ltr">I don't know of any research or papers that
explicitly say that SecurityManager is "legacy". I did
some research into this a while ago, and while
SecurityManager has some major flaws, I don't know of any
other way to sandbox a Java application. <br>
</div>
<br>
</div>
</div>
</div>
</blockquote>
Have you looked into native containers? It's easy to find examples
of applications running in a docker container for example.<br>
<br>
-Alan<br>
</div>
</blockquote></div>