Sounds reasonable. Here's the new issue with attached patch: https://issues.apache.org/jira/browse/IVY-994
Thanks, -Archie On Tue, Jan 6, 2009 at 2:05 PM, Maarten Coene <[email protected]>wrote: > ok for me if the default value of "restricted" is true and that we add a > warning to the documentation about the risks of setting this to "false". > (I didn't take a look at your patch, so maybe you already did that). > > Could you attach the patch to a JIRA issue? > This way we won't forget to include it. > > Maarten > > > > > ________________________________ > From: Archie Cobbs <[email protected]> > To: [email protected]; Ivy Users <[email protected]> > Sent: Tuesday, January 6, 2009 6:49:39 PM > Subject: Re: Relaxing allowed ant tasks in packager.xsl > > I think this is a good idea. I think we can also do it in a way that > satisfies the security conscious. > > For example, we have add a new setting on the packager resolver e.g. > restricted="true/false" that would either restrict the ant operations to the > ones allowed now (if true), otherwise allow all ant operations (if false). > > What do others think? I've attached a patch that implements this. > > -Archie > > > On Mon, Jan 5, 2009 at 2:21 PM, Mark Thomas <[email protected]> > wrote: > > I've come across a problem in using the packager resolver in that the > "allowed" ant tasks are too limited for certain. For example, many > open-source Java software is no longer including the javadocs in the > archive(s) in order to limit download size (e.g. jcommon, hibernate 3.3+), > but they do provide an ant or maven file to generate the javadocs from > source. This could be done easily using the <ant/> ant task; however, this > task is not allowed by packager.xsl. I propose relaxing the restrictions on > the allowable ant tasks in order to overcome this limitation. > > Regards, > > Mark Thomas > [email protected] > 205.529.9013 > > "Commit to the Lord whatever you do, > and your plans will succeed." - Proverbs 16:3 > > > > -- > Archie L. Cobbs > > > > -- Archie L. Cobbs
