[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [aspectj-dev] aop security
|
> at the byte code level the way AOP really works.Cant
> someone cause real damage
This issue isn't about AOP, it's just plain Java.
Anyone who has your .class files can write files that look like them,
using any number of tools.
If you seal your .jar files, then no one can rewrite the .class files.
So if you have concerns there, seal your .jar libraries. If you're
worried about someone replacing the system class loader and such,
prohibit that using permissions. For more information on Java security,
read the relevant materials from Sun, at http://java.sun.com
AspectJ does not introduce new security risks, for the same reasons
it preserves Java's type safety: to add, not remove, language features.
Wes
> ------------Original Message------------
> From: Balasubramanian Sankararaman <getsuman4u@xxxxxxxxx>
> To: aspectj-dev@xxxxxxxxxxx
> Date: Thu, Mar-17-2005 4:46 PM
> Subject: [aspectj-dev] aop security
>
> what restrictions are available in AspectJ that someone doesnot inject
> malicious code.
>
> I am not talkin about application level security or cross cutting
> concerns , but at the byte code level the way AOP really works.Cant
> someone cause real damage ....that way ,is there any way that we can
> make it more secure.
>
>
> bala
> _______________________________________________
> aspectj-dev mailing list
> aspectj-dev@xxxxxxxxxxx
> http://dev.eclipse.org/mailman/listinfo/aspectj-dev
>
