[
https://issues.apache.org/jira/browse/AXIS2-3650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12581538#action_12581538
]
Davanum Srinivas commented on AXIS2-3650:
-----------------------------------------
Looks like findbugs has some support for finding such locations - SWORD4J -
http://w3.alphaworks.ibm.com/tech/sword4j
> Need a scrub for J2S doPriv
> ---------------------------
>
> Key: AXIS2-3650
> URL: https://issues.apache.org/jira/browse/AXIS2-3650
> Project: Axis 2.0 (Axis2)
> Issue Type: Bug
> Reporter: Rich Scheuerle
> Assignee: Davanum Srinivas
> Fix For: 1.4
>
>
> Friendly reminder to add "doPriv" calls to your code as necessary.
> Especially new code.
> Lack of doPrivs leads to problems in enterprise environments.
> -------------------------------------------------------------
> As a refresher...doPrivs are needed for:
> Accessing the classloader
> Loading a class via Class.forName
> Method.invoke
> Calls to get system properties
> Calls to external projects that do the above.
> Also make sure to put the doPriv calls in areas that the customer cannot
> directly call.
> (For example don't expose a public Class forNameWithPriv(String name) method).
> Perhaps we should add this as a "release step"
> Dims volunteered to do a quick scrub prior to 1.4 release. Thanks dims.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
