public inbox for java-prs@sourceware.org
help / color / mirror / Atom feed
* [Bug libgcj/21892] New: gnu.* and native code security audit
@ 2005-06-02 22:43 tromey at gcc dot gnu dot org
  2005-06-03  6:14 ` [Bug libgcj/21892] " konqueror at gmx dot de
                   ` (3 more replies)
  0 siblings, 4 replies; 5+ messages in thread
From: tromey at gcc dot gnu dot org @ 2005-06-02 22:43 UTC (permalink / raw)
  To: java-prs

In order to be confident in our security implementation we must
ensure that calls to gnu.* code (which might bypass security checks)
are inaccessible to user code running in a secure context.
Some sort of automated testing would be ideal, so that we could reliably
re-run the audit whenever we like.  That will ensure we don't have
a (disastrous) regression here.

Likewise we must audit the CNI code for things like buffer overflows.

-- 
           Summary: gnu.* and native code security audit
           Product: gcc
           Version: 4.1.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: libgcj
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: tromey at gcc dot gnu dot org
                CC: gcc-bugs at gcc dot gnu dot org,java-prs at gcc dot gnu
                    dot org
OtherBugsDependingO 13603
             nThis:


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=21892


^ permalink raw reply	[flat|nested] 5+ messages in thread
* [Bug libgcj/21892] gnu.* and native code security audit
  2005-06-02 22:43 [Bug libgcj/21892] New: gnu.* and native code security audit tromey at gcc dot gnu dot org
@ 2005-06-03  6:14 ` konqueror at gmx dot de
  2005-06-03 15:13 ` tromey at gcc dot gnu dot org
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 5+ messages in thread
From: konqueror at gmx dot de @ 2005-06-03  6:14 UTC (permalink / raw)
  To: java-prs


------- Additional Comments From konqueror at gmx dot de  2005-06-03 06:14 -------
What if people wanna access some gnu.* stuff we ship directly, like 
gnu.regexp? 

-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=21892


^ permalink raw reply	[flat|nested] 5+ messages in thread
* [Bug libgcj/21892] gnu.* and native code security audit
  2005-06-02 22:43 [Bug libgcj/21892] New: gnu.* and native code security audit tromey at gcc dot gnu dot org
  2005-06-03  6:14 ` [Bug libgcj/21892] " konqueror at gmx dot de
@ 2005-06-03 15:13 ` tromey at gcc dot gnu dot org
  2005-06-19 14:25 ` pinskia at gcc dot gnu dot org
  2005-07-13 17:17 ` tromey at gcc dot gnu dot org
  3 siblings, 0 replies; 5+ messages in thread
From: tromey at gcc dot gnu dot org @ 2005-06-03 15:13 UTC (permalink / raw)
  To: java-prs


------- Additional Comments From tromey at gcc dot gnu dot org  2005-06-03 15:13 -------
Good point; I think we'll have to make sure that safe and useful parts
of gnu.* are still accessible.


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=21892


^ permalink raw reply	[flat|nested] 5+ messages in thread
* [Bug libgcj/21892] gnu.* and native code security audit
  2005-06-02 22:43 [Bug libgcj/21892] New: gnu.* and native code security audit tromey at gcc dot gnu dot org
  2005-06-03  6:14 ` [Bug libgcj/21892] " konqueror at gmx dot de
  2005-06-03 15:13 ` tromey at gcc dot gnu dot org
@ 2005-06-19 14:25 ` pinskia at gcc dot gnu dot org
  2005-07-13 17:17 ` tromey at gcc dot gnu dot org
  3 siblings, 0 replies; 5+ messages in thread
From: pinskia at gcc dot gnu dot org @ 2005-06-19 14:25 UTC (permalink / raw)
  To: java-prs


------- Additional Comments From pinskia at gcc dot gnu dot org  2005-06-19 14:25 -------
Confirmed.

-- 
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
     Ever Confirmed|                            |1
   Last reconfirmed|0000-00-00 00:00:00         |2005-06-19 14:25:29
               date|                            |


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=21892


^ permalink raw reply	[flat|nested] 5+ messages in thread
* [Bug libgcj/21892] gnu.* and native code security audit
  2005-06-02 22:43 [Bug libgcj/21892] New: gnu.* and native code security audit tromey at gcc dot gnu dot org
                   ` (2 preceding siblings ...)
  2005-06-19 14:25 ` pinskia at gcc dot gnu dot org
@ 2005-07-13 17:17 ` tromey at gcc dot gnu dot org
  3 siblings, 0 replies; 5+ messages in thread
From: tromey at gcc dot gnu dot org @ 2005-07-13 17:17 UTC (permalink / raw)
  To: java-prs


------- Additional Comments From tromey at gcc dot gnu dot org  2005-07-13 17:17 -------
According to mjw there is already code in classpath's ClassLoader
to do gnu.* checking (whether it is exactly what we want is not clear --
aph suggested we rename packages to make it very clear which parts
are private and which are not).

The idea is, classes loaded by the bootstrap loader have total access.
Other access attempts are checked for validity by the application loader.

I'm not sure what happens with class loaders that bypass the application
loader when delegating.


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=21892


^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2005-07-13 17:17 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2005-06-02 22:43 [Bug libgcj/21892] New: gnu.* and native code security audit tromey at gcc dot gnu dot org
2005-06-03  6:14 ` [Bug libgcj/21892] " konqueror at gmx dot de
2005-06-03 15:13 ` tromey at gcc dot gnu dot org
2005-06-19 14:25 ` pinskia at gcc dot gnu dot org
2005-07-13 17:17 ` tromey at gcc dot gnu dot org

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).