Casey Marshall wrote:
Hi.

Attached is a patch that attempts to implement AccessController, and
fixes a few inconsistencies in other classes along the way.

The relevant details of this patch include:

  * The stack inspection is implemented in VMAccessController, which
    simply has to provide three methods: pushing a privileged action
    context, popping it off, and getting an AccessControlContext.
    Fetching the actual stack is done in native code that works nearly
    identically to ThreadStack.getClassStack, but returns the method
    names alongside the classes. I couldn't find any existing code
    that did what I wanted (and believe this class needs), so I had to
    end up with some code duplication.

    This VM* split seems somewhat superfluous to me, but maybe it is
    worth it. A similar implementation for libgcj should be trivial to
    write, and maybe for other VMs too.

  * PrimordialClassLoader will set the default ProtectionDomain to one
    that contains a single AllPermission object. I think this is the
    right behavior, to allow "system" classes full permissions.

  * Permission checking (with a PolicyFile enabled) will work for some
    permission types, but other Permission objects have some clear
    bugs that prevent proper checks. So far PropertyPermission and
    RuntimePermission seem to work ok.

  * There are some bugs in Classpath's security classes, some of which
    are fixed here. I will propagate these back to Classpath.

  * I wasn't entirely sure how to update the build system properly, so
    the Makefile diffs may be wrong.

Comments welcome. Clearly this isn't a complete implementation of the
security architecture, but hopefully this is a start.

Hi Casey,

Nice! Thanks a lot, I've checked it in.

I also like that you've replaced Kaffe's own implementation of java.security classes by Classpath's. If you've got some time to look over the remaining ones, I'd love to see Kaffe getting closer to Classpath in that area, too.

cheers,
dalibor topic

_______________________________________________
kaffe mailing list
[EMAIL PROTECTED]
http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
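
A small model of the stack inspection described in the patch summary above, added here as an illustration; it is not code from the patch, Kaffe, or Classpath. The Python names, the sample stacks, and the use of method names to spot the doPrivileged frame are assumptions.

```python
from collections import namedtuple

Domain = namedtuple("Domain", "name perms")        # models a ProtectionDomain
Frame = namedtuple("Frame", "cls method domain")   # class plus method name per frame
ALL = "*"                                          # stands in for AllPermission
DO_PRIVILEGED = ("java.security.AccessController", "doPrivileged")

def implies(domain, perm):
    return ALL in domain.perms or perm in domain.perms

class VMAccessControllerModel:
    """Hypothetical model of the three operations: push, pop, get context."""
    def __init__(self):
        self.contexts = []                  # one entry per active doPrivileged call

    def push_context(self, acc):
        self.contexts.append(acc)

    def pop_context(self):
        self.contexts.pop()

    def get_context(self, stack):
        """stack[0] is the innermost frame; returns the domains to check."""
        domains = []
        for i, frame in enumerate(stack):
            if (frame.cls, frame.method) == DO_PRIVILEGED:
                if i + 1 < len(stack):
                    domains.append(stack[i + 1].domain)    # caller of doPrivileged
                domains.extend(self.contexts[-1] if self.contexts else [])
                break                                      # older frames are ignored
            domains.append(frame.domain)
        return domains

def check_permission(vm, stack, perm):
    # Access is granted only if every domain in the context implies the permission.
    return all(implies(d, perm) for d in vm.get_context(stack))

# Constructed sample data: two domains and the frames used in three call stacks.
SYSTEM = Domain("system", frozenset({ALL}))   # "system" classes get AllPermission
APPLET = Domain("applet", frozenset())        # untrusted code, no grants
PERM = "PropertyPermission user.home read"
PRIV = Frame(*DO_PRIVILEGED, SYSTEM)
LIB = Frame("java.lang.System", "getProperty", SYSTEM)
APP = Frame("Applet", "run", APPLET)

def demo():
    vm = VMAccessControllerModel()
    plain = check_permission(vm, [LIB, APP], PERM)              # applet is on the stack
    vm.push_context([])                                         # doPrivileged(action)
    by_lib = check_permission(vm, [LIB, PRIV, LIB, APP], PERM)  # system code asserts privilege
    by_app = check_permission(vm, [LIB, PRIV, APP], PERM)       # applet called doPrivileged
    vm.pop_context()
    return plain, by_lib, by_app
```

`demo()` returns `(False, True, False)`: the walk stops at the frame that called doPrivileged, so untrusted code gains nothing by calling it itself.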
