Thread: JAAS and secure code contexts:




JAAS and secure code contexts:
user name
2006-08-29 22:02:25
Gentlefolk, particularly any auth specialists among you;

how would you go about setting up a secure environment to run wikiuser provided script code in?
The particular case I'm looking at is a BeanShell interpreter that must not have any access to IO or system resources. Regular code needs to be run without restrictions (or I need to be able to define sensible permissions for all normal code), interpreter invocations need to run in a severely restricted context.

I've set up a dummy LoginContext, am able to provide a Subject and Principal, and happily call a PrivilegedAction as the subject, but my experiments with security managers, policies, and permission grants are failing. The JSPWiki stock auth may also be confounding me.

If this piques your interest, or if you're just generally in a jovial mood and can't get enough of JAAS, I'll be happy to describe what I'm doing with more detail and code. Drop me a note if so; another pair of eyes might help me locate an obvious error.

Off into PrincipalSubjectPermissionLoginContext nightmares;
//ebu
_______________________________________________
Jspwiki-users mailing list
Jspwiki-usersecyrd.com
http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
JAAS and secure code contexts:
user name
2006-08-29 22:20:40
I've been looking through a lot of JAAS stuff lately for JSPWiki because I've just implemented global ACL pages for separate web spaces for my own JSPWiki implementation.
I could be able to help out a little bit if you want to describe your problem in more detail and what you've done.
I'm not guaranteeing I'll be of help because I've been busy with other stuff. But, I'll do what I can to help.

-- Alex



Erik Bunn wrote:
>
> Gentlefolk, particularly any auth specialists among you;
>
> how would you go about setting up a secure environment to run wikiuser provided script code in?
> The particular case I'm looking at is a BeanShell interpreter that must not have any access to IO or system resources. Regular code needs to be run without restrictions (or I need to be able to define sensible permissions for all normal code), interpreter invocations need to run in a severely restricted context.
>
> I've set up a dummy LoginContext, am able to provide a Subject and Principal, and happily call a PrivilegedAction as the subject, but my experiments with security managers, policies, and permission grants are failing. The JSPWiki stock auth may also be confounding me.
>
> If this piques your interest, or if you're just generally in a jovial mood and can't get enough of JAAS, I'll be happy to describe what I'm doing with more detail and code. Drop me a note if so; another pair of eyes might help me locate an obvious error.
>
> Off into PrincipalSubjectPermissionLoginContext nightmares;
> //ebu
JAAS and secure code contexts:
user name
2006-08-31 19:16:33

> I've been looking through a lot of JAAS stuff lately for JSPWiki because I've just implemented global ACL pages for separate web spaces for my own JSPWiki implementation.
> I could be able to help out a little bit if you want to describe your problem in more detail and what you've done.
> I'm not guaranteeing I'll be of help because I've been busy with other stuff. But, I'll do what I can to help.


Alex --
thanks. Happily, I think I got the problem solved, at least running in a stand-alone app.
Running with JSPWiki and a security manager will be another matter entirely.

Cheers,
//ebu