Henri Biestro created JEXL-462:
----------------------------------
Summary: JexlPermissions.RESTRICTED must ensure a better level of
isolation
Key: JEXL-462
URL: https://issues.apache.org/jira/browse/JEXL-462
Project: Commons JEXL
Issue Type: Bug
Affects Versions: 3.6.3
Reporter: Henri Biestro
Assignee: Henri Biestro
Fix For: 3.6.4
The JexlPermissions.RESTRICTED constant is supposed to offer a decent level of
isolation between the script and its host.
It is still susceptible to allowing more than is intended, in part because its
use of the wildcard-package specification that gives 'silent' access to classes
that should definitely be explicit.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)