Hi team, Syncope is offering the possibility to extend / customize the base behavior on every deployment by allowing to provide custom implementations of a few Java interfaces; such implementations can be provided either as Java or Groovy classes [1], with the latter being particularly attractive as the machinery is set for runtime reload.
I was wondering if there is any best-practice available to limit what could be done by Groovy classes (e.g. System.exit, spawning new processes, etc.). I found [2] and a few other references which looks anyway either old or not for general purpose. Can you suggest something else? TIA Regards. [1] https://syncope.apache.org/docs/4.0/reference-guide.html#implementations [2] https://levelup.gitconnected.com/secure-groovy-script-execution-in-a-sandbox-ea39f80ee87 -- Francesco Chicchiriccò Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope, Cocoon, Olingo, CXF, OpenJPA https://about.me/ilgrosso
