[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cp-patches] FYI: Patch java.lang.ClassLoader
From: |
Archie Cobbs |
Subject: |
Re: [cp-patches] FYI: Patch java.lang.ClassLoader |
Date: |
Mon, 11 Oct 2004 11:12:26 -0500 (CDT) |
Jeroen Frijters wrote:
> > > I committed the attached patch to implement the
> > > SecurityManager.checkPackageDefinition() security check.
> >
> > Just checking.. can this be subverted by the same trick mentioned
> > before, i.e., using '/' instead of '.' in the class name?
>
> Not if the VM does its job. VMClassLoader.defineClass() is supposed to
> check that the class file name matches the name in the class definition.
Ah right.. thanks.
-Archie
__________________________________________________________________________
Archie Cobbs * CTO, Awarix * http://www.awarix.com