Nick Sieger-2 wrote:
>
> On 6/28/07, Thomas E Enebo <[EMAIL PROTECTED]> wrote:
>> I say chuck it out since we are not even close to being correct in
>> this area. It gives a false sense of security. In fact, I wonder
>> what sort of audit MRI goes through to demonstrate that safe/taint is
>> working. As far as I can tell tainting is really tough to get right
>> and keep right.
>>
>> The Drb mention below makes me think we need to come up with a
>> creative solution to replace it (using Java's security mechanism in
>> some way). I am hoping some enterprising community member who cares
>> about this will help find the true path...
>
> Actually, I'm thinking the right path would be to promote
> sandbox/javasand. We just need to polish it up and get some examples
> out there on how to secure a real-world application with it. _eric's
> irc bot is one example.
>
> /Nick
>
>
Hi Nick
I started a Wiki Page for the new Security features/implemenation at the
Jruby wiki.
how would the Sandbox work in ruby and can it be be cross ruby
implemntation?
Derek
--
View this message in context:
http://www.nabble.com/Ditching-SAFE-and-tainting-tf3989911.html#a11414826
Sent from the JRuby - Dev mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe from this list please visit:
http://xircles.codehaus.org/manage_email
