From: "David 'Bombe' Roden"
Subject: Creating a Sandbox
Newsgroups: comp.lang.java.security
Date: Wed, 27 Apr 2011 16:07:53 GMT

Hi, everyone.

I'm trying to create a sandbox that executes code loaded from a JAR file with reduced privileges. Unfortunately I'm a bit stuck. Here is what I tried so far.

a) Created my own CodeSource and ProtectionDomain, used a custom ClassLoader (extending SecureClassLoader) and gave the ProtectionDomain to the defineClass call. Then I created an AccessControlContext with the ProtectionDomain, used the ClassLoader to load a class from a JAR file and tried to execute a method on the JAR file with the created AccessControlContext.

b) Installed a Policy that would return a special Permission object when a CodeSource from a JAR file is handed to getPermissions(). Then I create two classes from two different JAR files, create AccessControlContexts for each of them (using their getClass().getProtectionDomain()) and try to execute the method: when the method on the first class is called, getPermissions(CodeSource) on my custom policy is called, but when I execute the method of the second class the policy is not asked, even with its different ProtectionDomain.
So far I have not been successful using these (and other, more desperate) methods. Is it really so hard to create a sandbox, or am I missing some important point? Also, it's hard to find examples or other documentation on how to execute code with _less_ privileges; most of the code using AccessController.doPrivileged() is aimed at executing code with _more_ privileges.

Grateful for any hints,
David
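The privilege-reducing direction of AccessController.doPrivileged() that the post asks about, as an added example (not code from the poster): a ProtectionDomain built with the two-argument constructor is a "static" domain whose permission set is fixed at construction and never consulted from the Policy, and an AccessControlContext made from that domain, passed as the second argument to doPrivileged(), makes the effective permissions the intersection of the restricted domain and the calling frames. The checks only fire when a SecurityManager is installed, which explains why a sandbox can appear to do nothing at all. The class name SandboxDemo and the helper runSandboxed() are assumptions of this example. Note that the SecurityManager was deprecated for removal in Java 17 (JEP 411) and since Java 18 must be enabled with -Djava.security.manager=allow; on a 2011-era JDK, as in the post, it works unconditionally.

```java
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.CodeSource;
import java.security.Permissions;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.ProtectionDomain;
import java.util.PropertyPermission;
import java.util.concurrent.Callable;

// Example class (assumed name); demonstrates running a task with LESS privilege.
public class SandboxDemo {

    // Build a "static" ProtectionDomain: the two-argument constructor fixes the
    // permission set here, and the installed Policy is never consulted for it.
    static ProtectionDomain restrictedDomain(Permissions perms) {
        // Unsigned, location-less CodeSource: nothing in the Policy file can match it.
        CodeSource cs = new CodeSource(null, (java.security.cert.Certificate[]) null);
        return new ProtectionDomain(cs, perms);
    }

    // Run a task under an AccessControlContext that holds only the restricted domain.
    // The effective permissions are the intersection of that domain and the caller's
    // stack, so the task can never do more than 'perms' allows.
    static <T> T runSandboxed(Callable<T> task, Permissions perms) throws Exception {
        AccessControlContext acc = new AccessControlContext(
                new ProtectionDomain[] { restrictedDomain(perms) });
        try {
            return AccessController.doPrivileged(
                    (PrivilegedExceptionAction<T>) task::call, acc);
        } catch (PrivilegedActionException e) {
            // Unwrap checked exceptions thrown by the task itself.
            throw e.getException();
        }
    }

    public static void main(String[] args) throws Exception {
        // Without a SecurityManager no permission check ever runs, whatever the
        // ProtectionDomain says. (Java 18+: start with -Djava.security.manager=allow.)
        if (System.getSecurityManager() == null) {
            System.setSecurityManager(new SecurityManager());
        }

        // Grant exactly one permission to the sandboxed code.
        Permissions perms = new Permissions();
        perms.add(new PropertyPermission("java.version", "read"));

        // Allowed: the restricted domain holds the matching PropertyPermission.
        String version = runSandboxed(() -> System.getProperty("java.version"), perms);
        System.out.println("allowed: java.version=" + version);

        // Denied: user.home is not in the restricted domain, so the intersection
        // with the caller's permissions fails even though main() itself may read it.
        try {
            runSandboxed(() -> System.getProperty("user.home"), perms);
            System.out.println("unexpected: user.home was readable");
        } catch (AccessControlException e) {
            // AccessControlException is unchecked, so it propagates unwrapped.
            System.out.println("denied as expected: " + e.getPermission());
        }
    }
}
```

Run it with `java SandboxDemo` (Java 18 or later: `java -Djava.security.manager=allow SandboxDemo`). The design point for approach (b) in the post: if the sandboxed class's own ProtectionDomain is created through the four-argument constructor or by SecureClassLoader, the Policy is consulted dynamically and its answer may be cached per domain, whereas the static domain above makes the granted set explicit and independent of the Policy, which keeps the sandbox's behaviour auditable.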