Class loaders, etc

Godmar Back gback at cs.utah.edu
Sun Aug 23 18:08:51 PDT 1998


 Hi Archie,

> 
> In particular, does kaffe support the new 1.2 security checking model?

 No.

> Eg.:
> 
>   - Does kaffe differentiate between (and support simultaneous instances
>     of) two classes loaded via different class loader instances?

 Yes.  Except for the security part, class loaders work just fine.

> 
>   - Does kaffe maintain a set of constraints to prevent the security
>     exploit described in the paper?

 No.  Kaffe's classloader mechanism is broken in the same way other 1.1
loaders are.

> 
> Also, what's the state of byte-code verification in kaffe.. and is
> anyone actively working on this?

 I do not know, but I agree it needs to be done.  Before fixing class loaders,
I think the first step will be to implement elementary security checks, such
as honoring private and protected.

	- Godmar



More information about the kaffe mailing list