On Mon, 22 May 2006, David Corbin defenestrated me: > > > Also send any any other thoughts on security/configuration of the runtime. > > I am going to try and rearrange some stuff to make the BSF/JSR223 > > integration a bit easier on the brain. > > I haven't really figured out how it ought to work/configured. Perhaps the > code could "test" and see if it appears to be in a "sandbox", and then switch > itself to a "secure mode". Not even sure what that means.
It could mean setting a SAFE level. That may be appropriate in a sandbox model. There are many details to this though (think about safety and allowing java integration for example). Plus, most of our functions have no safety checks in them yet. That would be a fun project for someone :) Plus about a trillion unit tests. My main task right now is just considering how to make all the magic global vars and include paths get set up in a sane way using JSR223. Configuration of the runtime in a secure env seems like it has some decent overlap. I will try and keep my eyes open on this task when I do this work. Hell, I may even make a appletized-JRuby too. -Tom -- + http://www.tc.umn.edu/~enebo +---- mailto:[EMAIL PROTECTED] ----+ | Thomas E Enebo, Protagonist | "Luck favors the prepared | | | mind." -Louis Pasteur | ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Jruby-devel mailing list Jruby-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jruby-devel
