I haven't been closely following the River project in a while, but I actually
had the same thought as Benson. I'm no security expert so I can't give a good
assessment, but I think the River folks *believe* they have an infrastructure
for keeping things secure (or at least not executing code that you don't
trust). You might want to look at the net.jini.security package and
sub-packages:
http://river.apache.org/doc/specs/api/net/jini/security/package-summary.html
http://river.apache.org/doc/specs/api/net/jini/security/proxytrust/package-summary.html
I'm not sure how separate the trust-related infrastructure is from the rest of
River, but it might provide a useful model and starting point at least...
Thanks,
Dennis
-----Original Message-----
From: John Vines [mailto:[email protected]]
Sent: Thursday, August 09, 2012 9:50 AM
To: [email protected]
Subject: Re: River.apache.org
I don't think so. I think the relationship is that we both share the problem of
how can you run dynamic code in a safe way. But after a cursory glance, I don't
see them providing any sort of infrastructure to keep things secure.
John
On Wed, Aug 8, 2012 at 2:57 PM, Benson Margulies <[email protected]>wrote:
> Is this stuff remotely relevant to the question of how to manage
> iterator code in a safe and organized way?
>
