0 Replies Latest reply: May 30, 2011 1:06 PM by 863823 RSS

    Security architecture

    863823
      I need help solving the following problem. I have two sets of code A and B. Typical use makes threads start in B, call code in A, triggering callbacks into B. I would like to grant more permission to A than B, in other words I want the A code that is sandwiched between B code in the stacks of calls to do things not allowed in B code.

      As an illustration, think of the problem as this:
      class A {
      
        public void submit (Runnable r) {
          // do things here not allowed in B
          r.run();
        }
      }
      class B implements Runnable {
      
        void someMethod (A a) {
          a.submit(this);
        }
        public void run () {
          // this code has fewer permissions than A
        }
      }
      How do I do this? How do I make A into a trusted library that is called from code with fewer permissions?

      MC