On Tuesday 05 August 2003 01:43, Bryce McKinlay wrote: > The performance implications of all this are also rather concerning - > walking up the stack is going to be fairly slow. But I presume that for > normal applications where security is not required (ie > System.getSecurityManager()), such checks are avoided?
Performance is definitely an issue, so ideally it should be possible to omit stack checks in systems where this is not required. But you only need to do a stack walk when explicitly requested, i.e when AccessController.checkPermission() is invoked. For each stack frame you have to find the ProtectionDomain associated with the class in which the method being executed was declared; the set of distinct ProtectionDomain's is the AccessControlContext which will determine wheher the check passes or fails. Most of the time the number of distinct ProtectionDomain's will be rather small, the order doesn't matter, and all-powerful "system" classes have no effect on the end result; so opportunities for optimisation abound. -- Chris Gray /k/ Embedded Java Solutions Embedded & Mobile Java, OSGi http://www.kiffer.be/k/ [EMAIL PROTECTED] +32 477 599 703 _______________________________________________ Classpath mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/classpath
