Steen Lehmann wrote:
> On 02/05/07, Charles Oliver Nutter <[EMAIL PROTECTED]> wrote:
> [...]
>> I think it's safe to say we know practically nothing about security
>> policies in Java, so we're going to need outside help determining what
>> permissions JRuby wants and which ones it actually needs. Like the
>> security provider, I suspect many or most tricky permissions we can do
>> without.
> 
> After a hefty bit of debugging in JRuby+GoldSpike to diagnose my
> PrivilegedException issue, here's what seems to be going on:
> 
> When LoadService tries to require something, it will first check the
> static method Ruby.isSecurityRestricted(), and if that method returns
> true no local file access will be attempted. The method simply checks
> for the presence of a System SecurityManager. This is on the coarse
> side, security-wise, unless I've missed something.

That is a bit coarse...and I'd love to see a patch on the right 
fine-grained way to check for security restrictions. I believe this was 
largely to just "turn off everything insecure" when running in an 
applet, but it obviously would interfere with any other environment that 
has security restrictions of any kind.

> Would you like me to try to elaborate on the security a bit? Perhaps
> call the Security Manager's checkRead(String file) method (if a
> Security Manager is set), instead of just rejecting the attempt
> altogether? It should be a simple enough change.

Yeah, that seems reasonable here.

> Another solution might be to not use an absolute path to locate the
> files in the Rails web app - but I don't have any idea how or if that
> could be done (yet).

That's going to be post 1.0...ideally we'll be able to give the File 
impl smarts to work with URL-based resources in classpath, which will 
eliminate some of the uglier bits of file sourcing.

- Charlie
_______________________________________________
Jruby-extras-devel mailing list
[email protected]
http://rubyforge.org/mailman/listinfo/jruby-extras-devel
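
The change discussed in this thread, as an added Java example that is not part of the original messages or JRuby's code: the coarse "is any SecurityManager present" test beside a per-path `checkRead(String)` call. `FineGrainedLoadCheck`, `WebAppOnlyManager` and the sample paths are constructed for illustration, and the code targets the `SecurityManager` API of the thread's era, which current JDKs deprecate.

```java
import java.io.File;
import java.io.IOException;

// Added illustration; class and method names are hypothetical, not JRuby's code.
public class FineGrainedLoadCheck {
    // Coarse form described in the thread: any SecurityManager at all disables every local file load.
    static boolean coarseAllows(SecurityManager sm) {
        return sm == null;
    }

    // Fine-grained form proposed in the thread: ask the manager about this one path.
    // A real runtime would pass System.getSecurityManager() as sm.
    static boolean fineAllows(SecurityManager sm, String path) {
        if (sm == null) return true; // no manager installed, nothing to ask
        try {
            sm.checkRead(path);
            return true;
        } catch (SecurityException denied) {
            return false; // skip this candidate only
        }
    }

    static String canonical(String path) {
        try {
            return new File(path).getCanonicalPath();
        } catch (IOException e) {
            throw new SecurityException("cannot resolve " + path);
        }
    }

    // Constructed stand-in for a container policy: reads allowed only under one directory.
    static final class WebAppOnlyManager extends SecurityManager {
        private final String root;
        WebAppOnlyManager(String root) { this.root = canonical(root) + File.separator; }
        @Override public void checkRead(String file) {
            // Canonicalize so "../" segments cannot escape the allowed root.
            if (!canonical(file).startsWith(root)) throw new SecurityException("read denied: " + file);
        }
    }

    public static void main(String[] args) {
        SecurityManager sm = new WebAppOnlyManager("/srv/webapp"); // constructed path
        String[] candidates = { "/srv/webapp/WEB-INF/config/boot.rb", "/srv/webapp/../../etc/passwd" };
        for (String p : candidates)
            System.out.println(p + " coarse=" + coarseAllows(sm) + " fine=" + fineAllows(sm, p));
    }
}
```

With the constructed policy, the coarse test refuses both candidates, while the per-path check permits the file inside the web application directory and still refuses the traversal path.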
