Issue1185
Created on 2008-11-26.23:11:23 by ecapachedev, last changed 2009-06-21.21:54:20 by pjenvey.
File name |
Uploaded |
Description |
Edit |
Remove |
imp.java
|
ecapachedev,
2008-11-26.23:11:22
|
Modified imp.java file (from 2.2.1) |
|
|
SyspathJavaLoader.java
|
ecapachedev,
2008-11-26.23:11:52
|
Modified SyspathJavaLoader.java file (from 2.2.1) |
|
|
msg3855 (view) |
Author: (ecapachedev) |
Date: 2008-11-26.23:11:19 |
|
When using Jython in a container with security enabled, the
"__classpath__" classpath causes a SecurityException unless there is a
FilePermission grant to "__classpath__/-". Since the injection of
"__classpath__" to the classpath is sort of a hack to get the
JavaImporter to be used, it would seem there should be code to ignore
the use of the path when loading classes. In particular, the two places
I noticed an issue are:
1) org.python.core.imp.loadFromSource(String, String, PyObject)
A check for dir.isDirectory() will cause the SecurityException. As a
potential workaround, first check for
directoryName.equals("__classpath__") and if true, return null.
2) org.python.core.SyspathJavaLoader.loadClass(String, boolean)
A call to file.length() will cause the SecurityException. As a
potential workaround, first check for !dir.equals("__classpath__")
before proceeding to create the File and read from it.
|
msg4836 (view) |
Author: Philip Jenvey (pjenvey) |
Date: 2009-06-21.21:54:20 |
|
handling SecurityExceptions for these two places (and many more) were
added in r6252 (for #1188)
|
|
Date |
User |
Action |
Args |
2009-06-21 21:54:20 | pjenvey | set | status: open -> closed resolution: fixed messages:
+ msg4836 nosy:
+ pjenvey |
2009-03-14 02:35:54 | fwierzbicki | set | priority: normal |
2008-11-26 23:26:46 | ecapachedev | set | title: SecurityException with __classpath__ in the classpath -> SecurityException loading classes with __classpath__ in the classpath |
2008-11-26 23:11:52 | ecapachedev | set | files:
+ SyspathJavaLoader.java |
2008-11-26 23:11:23 | ecapachedev | create | |
|