Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
RE: [aspectj-users] Virus / unwanted code modification

Just because you are paranoid doesn't mean they aren't out to get you.

If your security is so lax that a penetration can run a compiler and add
or replace jar files, then AspectJ is the last of your worries.

Michael Oliver
CTO
Matrix Intermedia Inc.
3325 N. Nellis Blvd, #1
Las Vegas, NV 89115
Phone:(702)643-7425
Fax:(520)844-1036

-----Original Message-----
From: aspectj-users-admin@xxxxxxxxxxx
[mailto:aspectj-users-admin@xxxxxxxxxxx] On Behalf Of Adedayo Adetoye
Sent: Friday, July 09, 2004 9:48 AM
To: aspectj-users@xxxxxxxxxxx
Subject: Re: [aspectj-users] Virus / unwanted code modification

Nicolai wrote :

  An infection could go this way
- get the compiler
- search every java application
- and weave it with the infection aspect
- add aspectjrt.jar into the infected jar

Where is my fault?

---------------------------

I suppose a virus that already has such (r/w) access to the filesystem 
does not need to go through all the stress to do something malicious. 
But, any aspect woven in a java class is still subject to the usual Java

security constraints.

Cheers,
Dayo

_______________________________________________
aspectj-users mailing list
aspectj-users@xxxxxxxxxxx
http://dev.eclipse.org/mailman/listinfo/aspectj-users



Back to the top