[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Capability Security in Java
At 4:38 PM 4/25/96 -0700, Simon Spero wrote:
>One thing that could be retroactively added to the vm pretty easily would
>be the ability to add capability requirements to methods, and have the
>class loader automatically generate code to check for those requirements
>before executing the body of the method
Now there is a statement that makes me sit up and take notice. I certainly
havn't thought this subject thru carefully, but to start, I think I would
like capabilities to be held by a specific object, so if I give a Java
object permission to read a file, that permission is not automatically
inherited by other objects, or instances of the same object which use the
common method.
There would also have to be a technique where capabilities could be passed
from object to object to allow subcontracting.
Having the capabilities held by objects means that access the objects needs
to be controled as well. I notice some items on Hal's list of Java
security problems which indicate weaknesses in this area, but it is not
clear if they are bugs (which will be fixed) or "features".
Regards - Bill
------------------------------------------------------------------------
Bill Frantz | The CDA means | Periwinkle -- Computer Consulting
(408)356-8506 | lost jobs and | 16345 Englewood Ave.
[email protected] | dead teenagers | Los Gatos, CA 95032, USA