Luca and Group,
Here is how to prevent User calling System.exit()
First create a ClassFilter that prevents access to the System object.
This will prevent all direct access to System, includeing
System.out.println. You can provide limited access to a class like System
by creating a wrapper class MySystem which then calls into System from Java
(not from Nashorn). This is both good and bad, the good is that you can
provide access to some methods in a class, the bad is that you can
accidentally "leak" methods that you may not wish to expose....
import jdk.nashorn.api.scripting.*;
public class MyFilter implements ClassFilter {
public boolean exposeToScripts(String className) {
if (className.contains("java.lang.System")) {
return false;
} else {
return true;
}
}
}
Then when you create the Nashorn engine pass the Filter to the Factory:
NashornScriptEngineFactory factory = new
NashornScriptEngineFactory();
ScriptEngine engine = factory.getScriptEngine(myFilter);
There may be other things that need to be addressed, like reflection (which
I think is disabled by defualt in Nashorn. But this should be a good
starting point.
Best,
-Adam
--
---
You received this message because you are subscribed to the Google Groups
"OrientDB" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
