[
https://issues.apache.org/jira/browse/SLING-740?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12649380#action_12649380
]
Bertrand Delacretaz commented on SLING-740:
-------------------------------------------
> Forgot to mention that there's no security w.r.t snippets code.
> Well, this is of course the same issue with traditional scripting. E.g. you
> could
> System.exit(0) in any JSP or java.lang.System.exit(0) in any ECMAScript...
Of course, but with javashell one can edit code directly from a browser, and
the code runs with the privileges of the Sling server application.
> javashell sample
> ----------------
>
> Key: SLING-740
> URL: https://issues.apache.org/jira/browse/SLING-740
> Project: Sling
> Issue Type: Improvement
> Components: Samples
> Reporter: Bertrand Delacretaz
> Priority: Minor
> Attachments: javashell-example.jpg
>
>
> I have created a sample app named "javashell" that allows for executing java
> code snippets stored in repository nodes.
> The app provides a few simple JCR samples, and a user interface to edit them.
> I'll commit that under samples/javashell.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
