This is the mail archive of the kawa@sources.redhat.com mailing list for the Kawa project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

security features for kawa

From: Thomas Kirk <tk at research dot att dot com>
To: Per Bothner <per at bothner dot com>
Cc: kawa at sources dot redhat dot com
Date: Mon, 31 Jan 2005 20:23:48 -0500
Subject: security features for kawa
References: <41FB1DC0.5020204@bothner.com>
Reply-to: tk at research dot att dot com

I've modified Kawa's classloaders to support annotation of compiled code
to work with the java security manager, so that scheme code may be
subject to runtime permission checking. Given the way code is loaded in
Kawa, this allows very fine-grained sandboxing -- permissions can be
assigned at the granularity of individual functions. In my application,
this has been a useful mechanism for containment of code that is
distributed at runtime, and for controlling resource access by 
untrusted code.

I can contribute this functionality back into the Kawa codebase if others
are interested. It would need some additional work to be made ready for 
general use, so I'd like to gauge interest before submitting patches.

cheers...
tom

Follow-Ups:
- Re: security features for kawa
  - From: Jim White
- Re: security features for kawa
  - From: Per Bothner
- Re: security features for kawa
  - From: Jost Boekemeier

References:
- srfi requests?
  - From: Per Bothner

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]