In relation to the code security development - we need to be able to pull in the permissions requested by a component type in order to access the deployability of the component within a containment environment already subject to permission constraints.


I'm going to start on a PermissionDescriptor for addition to the avalon-meta/info package that will correspond with the PermissionDirective that already exists in the composition package. The approach I'm thinking of taking for the tag is as follows:

  @avalon.permission
     type="[required-classname]"
     name="[optional-name]"
     actions="[optional-comma-sep-sequence-of-actions]

For example:

  @avalon.permission
     type="java.io.FilePermission"
     name="${avalon.dir}"
     actions="read,write"

Stephen.

--

|------------------------------------------------|
| Magic by Merlin                                |
| Production by Avalon                           |
|                                                |
| http://avalon.apache.org/merlin                |
| http://dpml.net/merlin/distributions/latest    |
|------------------------------------------------|

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Reply via email to