You can use PolicySecurityController. Then you can assign a CodeSource
to every script that is loaded, and you can configure the Java policy
for code coming from the code source assigned to scripts to only be
able to access certain classes by assigning it a RuntimePermission
with "accessClassInPackage.{packageName}".
Also, as another poster has pointed out, you can also use ClassShutter.
Attila.
On 2008.03.06., at 19:53, Dale Beermann wrote:
> Hi,
>
> We have a signed Java applet that provides platform extensibility
> through Rhino. We need very strict control over what our users can do
> in scripts because scripts are shared and executed between multiple
> users (e.g. we need to restrict access to java.io).
>
> I've looked into SecurityController but this doesn't seem to be quite
> what I'm looking for. I am currently using
> Context.setApplicationClassLoader() to control how classes are loaded
> for scripts. This allows me to define a list of classes/packages that
> we want to provide to script authors, but I'm unsure of whether or not
> this is the best way to implement this and the documentation for this
> method is a bit sparse.
>
> If anyone has a better suggestion for controlling access to Java
> packages I would very much appreciate your input.
>
> Thank you,
>
> Dale Beermann
_______________________________________________
dev-tech-js-engine-rhino mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-js-engine-rhino
