Bill Shannon wrote:
> Clearly some security permission is required to add a security provider.
> What are all the security permissions JRuby requires to run correctly?
Following are the extra(over the default provided) security permissions
as of b41-rc
required by a Ruby on Rails app to run in GlassFish
permission java.lang.RuntimePermission "createClassLoader";
permission java.security.SecurityPermission "putProviderProperty.BC";
permission java.lang.RuntimePermission "getenv.*";
permission java.security.SecurityPermission "insertProvider.BC";
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
> Are we configuring all those security permissions in case someone enables
> the security manager?
No. And I would not expect GlassFish to, since these should be
configured on a per application basis.
-Ashish