[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cp-patches] FYI: Patch java.lang.ClassLoader
From: |
Jeroen Frijters |
Subject: |
RE: [cp-patches] FYI: Patch java.lang.ClassLoader |
Date: |
Mon, 11 Oct 2004 16:49:18 +0200 |
Archie Cobbs wrote:
> Jeroen Frijters wrote:
> > I committed the attached patch to implement the
> > SecurityManager.checkPackageDefinition() security check.
>
> Just checking.. can this be subverted by the same trick mentioned
> before, i.e., using '/' instead of '.' in the class name?
Not if the VM does its job. VMClassLoader.defineClass() is supposed to
check that the class file name matches the name in the class definition.
Regards,
Jeroen