On Wednesday 21 January 2004 19:31, Stephen McConnell wrote: > 1. first off - I think the setting of the security manager should > probably be moved to the repository package DefaultInitialContext > class - this class is the entry point for bootstrapping merlin > and creating the initial merlin classloaders
Possibly true. It is even debatable if it should be a container concern at all, or be set by the initial launcher. > 2. second point - the decision to enable security is currently > based on a true/false property which functions perfectly, > however - there are usage problems: These usage problems are there because the implementation is not yet done, and I need to sort out the bugs. In doing so, I will need to address these problems. > The important point here is that the kernel will be running in > environments that we are not in control of - and in this respect we need > to be adaptive and make sure we don't block an application because we > have assigned the SecurityManager in an host that is running in default > mode. Good point, but it is likely that the 'outer container' (Tomcat or whatever) has established not only the security manager, but more importantly the policy for the Merlin container. In such case, we would need to handle the case where we are not allowed to further restrain the permssions of the thread (i.e. if we don't have createAccessControlContext (or what ever it is called) rights). I'll be back with more reports about progress. Niclas --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
