Re: JSR311: Support for OSGi Service Platform

From: Marc Hadley <Marc.Hadley_at_Sun.COM>
Date: Tue, 12 Aug 2008 15:01:20 -0400

On Aug 12, 2008, at 11:24 AM, Bill Burke wrote:
>> A second one is not really a barrier but a security issue
>> concerning the
>> static 'RuntimeDelegate.setInstance(RuntimeDelegate)' method. I
>> recommend checking for an appropriate permission. This would allow to
>> limit the invocation of that method to approved code only.
> I think this is a good idea.
Seems like checking for either
RuntimePermission("accessDeclaredMembers") or
ReflectPermission("suppressAccessChecks") would be appropriate since I
think both would be required for a workable JAX-RS implementation.


Marc Hadley <marc.hadley at>
CTO Office, Sun Microsystems.