On 16/06/2021 11:18 pm, David Lloyd wrote:
There are already issues with Permission implementations, take for
example SocketPermission, it consults DNS and it isn't possible to enter
a range of IP addresses (such as the local subnet, and a list of public
IP addresses), for now, every single IP address must be entered and this
isn't practical. The proposed API would allow us to re-implement
SocketPermission functionality, as well as other Permission implementations.
Sure, this would be nice to clean up.
What the above example enhances:
* Generation of policy files during integration testing.
* Specifying Properties, to replace local information contained in URL
and file paths, for later policy expansion.
* In this specific case, I could substitute an IP address with a
property that specified an allowed subnet mask, this would
automatically expand the SocketPermission to the local subnet, and
it would shrink the size of the generated policy file by eliminating
other SocketPermission grants to IP addresses on the subnet.
--
Regards,
Peter Firmstone
Zeus Project Services Pty Ltd.
