From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 8627 invoked by alias); 28 Nov 2005 14:04:36 -0000 Received: (qmail 8618 invoked by uid 22791); 28 Nov 2005 14:04:35 -0000 X-Spam-Check-By: sourceware.org Received: from gbenson.demon.co.uk (HELO gbenson.demon.co.uk) (80.177.220.214) by sourceware.org (qpsmtpd/0.31) with ESMTP; Mon, 28 Nov 2005 14:04:31 +0000 Received: from slippy.wire.rat ([192.168.1.1]) by gbenson.demon.co.uk with esmtp (Exim 3.36 #1) id 1EgjcK-0002Ag-00 for mauve-discuss@sources.redhat.com; Mon, 28 Nov 2005 14:04:28 +0000 Received: from slippy.wire.rat (localhost.localdomain [127.0.0.1]) by slippy.wire.rat (8.13.1/8.13.1) with ESMTP id jASE4SCI013612 for ; Mon, 28 Nov 2005 14:04:28 GMT Received: (from gary@localhost) by slippy.wire.rat (8.13.1/8.13.1/Submit) id jASE4Seh013611 for mauve-discuss@sources.redhat.com; Mon, 28 Nov 2005 14:04:28 GMT Date: Mon, 28 Nov 2005 14:04:00 -0000 From: Gary Benson To: mauve-discuss@sources.redhat.com Subject: Re: SecurityException throwpoint audit Message-ID: <20051128140426.GE12549@redhat.com> Mail-Followup-To: mauve-discuss@sources.redhat.com References: <20051121165809.GB12340@redhat.com> <1132876894.5568.31.camel@localhost.localdomain> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1132876894.5568.31.camel@localhost.localdomain> X-IsSubscribed: yes Mailing-List: contact mauve-discuss-help@sourceware.org; run by ezmlm Precedence: bulk List-Subscribe: List-Archive: List-Post: List-Help: , Sender: mauve-discuss-owner@sourceware.org X-SW-Source: 2005-q4/txt/msg00041.txt.bz2 Mark Wielaard wrote: > On Mon, 2005-11-21 at 16:58 +0000, Gary Benson wrote: > > I've been trying to work out how to test that permissions are > > checked at every point they ought to be. There's a table of every > > such point here: > > > > http://java.sun.com/j2se/1.4.2/docs/guide/security/permissions.html#PermsAndMethods > > I would not trust that list as the definite guide. I just looked for > a random method (which I was just working on for GNU Classpath) > Toolkit.getSystemSelection() and it was not listed. Ah, thanks for the warning. > > How would people feel if I numbered the throwpoints on the above > > list and noted them in their corresponding tests in some easily > > parsable form (probably in comments like Tags are already). That > > way whether a throwpoint is tested (and the location of the test) > > can be found with a simple grep. > > > > For simplicity I'd probably number the 1.4.2 list from 1-whatever. > > Checks added in 1.5 can be added at the end of the list. > > I don't really like the numbering. I would propose to actually name > the tests with somewhat meaningful names. Something like > __ for each Permission > and class.method() needing to check for that permission. (example: > AWTPermission_Toolkit_getSystemSelection) Yeah, that's better I suppose, I'll use that. Cheers, Gary