[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Is there a solution to my problem? (Re: Symlinking jars is dangerous (Re: The evils of /usr/share/java/repository))

Ola Lundqvist <opal@debian.org> writes:
> > Another point about lib/ext. The JVM treats all jars in lib/ext as
> > priveleged, like java.lang.*.
> > 
> >   "By default, installed extensions are granted all security permissions
> >   as if they were part of the core platform API"
> > 
> >    -- http://java.sun.com/docs/books/tutorial/ext/security/policy.html
> > 
> > 
> > IOW, symlinking a bunch of jars to lib/ext is not the same as including
> > them in the regular classpath.
> > 
> > Now, do we really want to preclude the use of a SecurityManager in any
> > Debian-packaged Java app?
> 
> Probably not. So the lib/ext dir should be empty, right?

  Disagree. There is a world of difference between jars you install
  and jars you serendipitously obtain over the net via the Java Plug-in
  or Java Web Start.

  Our use of $JAVA_HOME/jre/lib/ext is exactly what it was meant for.

-- 
Bill Wohler <wohler@newt.com>  http://www.newt.com/wohler/  GnuPG ID:610BD9AD
Maintainer of comp.mail.mh FAQ and mh-e. Vote Libertarian!
If you're passed on the right, you're in the wrong lane.
Reply to: