You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@xalan.apache.org by ar...@apache.org on 2004/02/12 10:37:22 UTC

cvs commit: xml-xalan/java/src/org/apache/xalan/xsltc/compiler ObjectFactory.java SecuritySupport.java SecuritySupport12.java

aruny       2004/02/12 01:37:22

  Added:       java/src/org/apache/xalan/xsltc/compiler Tag:
                        jaxp12112003_branch ObjectFactory.java
                        SecuritySupport.java SecuritySupport12.java
  Log:
  ObjectFactory class exposes class loaders publicly which allow untrusted code to access internal classes. Making following changes to fix it.
  
  1.Duplicating the ObjectFactory, SecuritySupport.java and SecuritySupport12.java class in order to make it package private in each of the   packages that require its services.
  2.Using checkPackageAccess() to prevent access to internal packages of jdk(sun.*).
  
  Revision  Changes    Path
  No                   revision
  No                   revision
  1.1.2.1   +665 -0    xml-xalan/java/src/org/apache/xalan/xsltc/compiler/Attic/ObjectFactory.java
  
  
  
  
  1.1.2.1   +159 -0    xml-xalan/java/src/org/apache/xalan/xsltc/compiler/Attic/SecuritySupport.java
  
  
  
  
  1.1.2.1   +180 -0    xml-xalan/java/src/org/apache/xalan/xsltc/compiler/Attic/SecuritySupport12.java
  
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: xalan-cvs-unsubscribe@xml.apache.org
For additional commands, e-mail: xalan-cvs-help@xml.apache.org