Java security restrictions

[ifrh]

In Praktomat/src/checker/scripts/javac there is a german comment containing thoughts about security restrictions at compile and execution time:

Praktomat/src/checker/scripts/java

Lines 1 to 4 in 92d1cf5

	#!/bin/bash
	# set -x
	# $Id: java,v 1.1 2002/07/19 12:22:10 krinke Exp $
	# Sicherheitsaspekte: siehe javac.

Praktomat/src/checker/scripts/javac

Lines 2 to 9 in 92d1cf5

	# $Id: javac,v 1.1 2002/07/19 12:22:10 krinke Exp $
	# Sicherheitsaspekte:
	# 1. Die Uebersetzung findet mit einer deutlich reduzierten
	# Klassen-Bibliothek statt (javac-sandbox.jar).
	# 2. Die Ausfuehrung findet mit einer deutlich reduzierten
	# Klassen-Bibliothek statt (java-sandbox.jar).
	# 3. Die Ausfuehrung findet mit einer leeren policy statt.

In that comment two JAR files are mentioned:

• javac-sandbox.jar
• java-sandbox.jar

I cannot find a trace to this two files and I do not see how they would be used in Praktomat/src/checker/scripts/javac or Praktomat/src/checker/scripts/java .

And in issue #307 it is mentioned that Java's Security Manager is deprecated.

By the way, I think restricted java environments should allow parametrized tests (i.e. JUNIT-PARAMS)

[ifrh]

@jkrinke : Do you remember where one can find the jar files you mentioned in the year 2002 ?

[jkrinke]

This is really old stuff... I indeed found some old scripts that relate to the sandbox and its creation. Please find attached.
old.zip

[ifrh]

@jkrinke : Thanks for attaching "old.zip".
In the script create-sandbox from your old.zip there are the lines:

cp $1 java-sandbox.jar
cp $1 javac-sandbox.jar

can you remember what filename was used to fill $1 ?

[jkrinke]

Probably it was ./jre/lib/rt.jar