[moved to jython-dev]
> I'm using Java's security framework with the jdk1.2.2 and have noticed
> that all of my python classes appear to have all of the permissions I've
> granted to Jython, even though I haven't granted any permissions to the
> python classes explicitly. I'm rather new to Java security, but it looks
> to me like the problem lies in the org.python.core.BytecodeLoader2 class
> in that, in the loadClassFromBytes method, it sets the protection domain
> of the loaded class to its _own_ protection domain rather than consulting
> the active security policy for an appropriate domain based on the code
Yes, we are aware. There have been a discussion thread on that in the past,
started by a post of mine:
but, my bad, that never found its way into the FAQ.
OTOH we discussed some possible designs in order to solve this.
But that's has somehow naturally faded out of interest until now.
It's a tough problem, java security model was not really intended to
host such a dynamic behaviour as that of jython.
In any case the code source approach is not sufficient, for proxies, adapters,
and exec code there is no clear code source.
> The python classes in my application are untrusted, so it's very
> undesirable for them to have the same permissions as the Jython jar (which
> includes write access so that the compiled python classes can be written
> to disk).
And classloader creation, which is evil <wink>.
> Any help would be appreciated.
I suggest starting with the old thread to make up your mind on the subject.
Then we can try together to see if there's a workaround for your situation.
We need some details. Does your untrusted jython code subclass java classes,
use exec ...?
For the long run we need to revamp the discussion and find a rock-solid design,
to be honest at the moment personally I have no time for that.
PS: I noticed that only now, the other posts of the old thread seem nomore
accessible any through the archives (they were around last year Xmas),
or I'm too tired.
In case I still have a copy of them, I will post that ...