Home

Add a comment

 

Avatar: Karsten Lehmann

Re: Java in Notes/Domino Explained: On Java Security and how it relates to Notes/Domino

And the real fun begins when you are working with callbacks and want to make this elevation code secure. It's easy to call a simple JVM method like setAccessible(boolean) or create a FileOutputStream, but imaging that a callback should get called within the AccessController block. Then that callback gets called with full privileges and can do whatever it wants in the system.

So you should think before you work with AccessController.doPrivileged(...).

BTW: Do you know a way to reduce permissions again within the AccessController block?


Re: Java in Notes/Domino Explained: On Java Security and how it relates to Notes/Domino


Title
Body
HTML : b, strong, i, em, blockquote, br, p, pre, a href="", ul, ol, li, sub, sup
OpenID Login
Name
E-mail address
Website
Remember me Yes  No 

E-mail addresses are not publicly displayed, so please only leave your e-mail address if you would like to be notified when new comments are added to this blog entry (you can opt-out later).