[
https://issues.apache.org/jira/browse/OWB-549?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13541388#comment-13541388
]
Mark Struberg commented on OWB-549:
-----------------------------------
The first step is to reduce the number of methods in ClassUtil. Especially
trivial methods which do heavy reflection stuff are breaking our security.
In another step we will introduce commons-weaver + privilizer module to
generate all the doPriviliged blocks for us.
> Security review needed for ClassUtil
> ------------------------------------
>
> Key: OWB-549
> URL: https://issues.apache.org/jira/browse/OWB-549
> Project: OpenWebBeans
> Issue Type: Bug
> Affects Versions: 1.0.0, 1.1.0
> Reporter: Mark Struberg
> Assignee: Mark Struberg
> Fix For: 1.2.0
>
>
> Our ClassUtil currently contains lots of static methods which might get used
> to void our security. Thise methods must get allowed in the SecurityManager,
> but are publicly callable.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
