[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: gnu.java.nio.FileChannelImpl
|
From: |
Jeroen Frijters |
|
Subject: |
RE: gnu.java.nio.FileChannelImpl |
|
Date: |
Fri, 26 Nov 2004 11:45:29 +0100 |
Michael Koch wrote:
> What do you do if someone writes a package gnu.foobar and wants to
> access it ? There are some gnu.* packages out there.
Hmm. Typically these won't be loaded by the bootstrap class loader, so
it shouldn't be a problem, but if you want to avoid any possible
problems we can also introduce a gnu.classpath.private.* package for all
the classes that are privileged.
> Do you want to
> maintain the list of packages to allow ? The list of packages we need
> to limit access too is much leaner and well known to us as the
> packages are maintained under our control.
Black listing isn't as secure as white listing. It's easy to forget to
add a package and not having access to a package is better than having a
security hole.
Regards,
Jeroen
- Re: gnu.java.nio.FileChannelImpl, (continued)
- Re: gnu.java.nio.FileChannelImpl, Michael Koch, 2004/11/25
- Re: gnu.java.nio.FileChannelImpl, Ewout Prangsma, 2004/11/26
- Re: gnu.java.nio.FileChannelImpl, Michael Koch, 2004/11/26
- Re: gnu.java.nio.FileChannelImpl, Ewout Prangsma, 2004/11/26
- Re: gnu.java.nio.FileChannelImpl, Michael Koch, 2004/11/26
- Re: gnu.java.nio.FileChannelImpl, Ewout Prangsma, 2004/11/26
RE: gnu.java.nio.FileChannelImpl, Jeroen Frijters, 2004/11/26
RE: gnu.java.nio.FileChannelImpl, Jeroen Frijters, 2004/11/26
RE: gnu.java.nio.FileChannelImpl,
Jeroen Frijters <=
RE: gnu.java.nio.FileChannelImpl, Jeroen Frijters, 2004/11/26