On Sun, Aug 15, 2010 at 11:57 PM, Peter Firmstone <[email protected]> wrote: >> - When the run() method is called (on which thread?) > > It's called from a small thread pool, within the ECM. > >> , how does it >> determine which codebase or principal (etc.) to use when checking >> permissions? How does a socket delegate know to close a socket? >> > > It will be from the AccessControlContext, the Reaper will have it's > ProtectionDomain on the stack at the time.
If there is untrusted code on a thread's stack, and if the thread called a delegate, and if the delegate is in the between ECM.begin() and ECM.end(), then the delegate's reaper will be called, and it can close the socket. If the revocation happened elsewhere (e.g. the untrusted code is not on any stack, or is occupied with some other task), how does the socket get closed? Fred
