[e-lang] Microsoft's laws of identity
John Carlson
john.carlson3 at sbcglobal.net
Sun Jul 24 22:51:56 EDT 2005
Mark Miller wrote:
> John Carlson wrote:
>
>> [...] So if you can't
>> trust your caller, you shouldn't be trying to hide capabilties within
>> your program.
>
>
> This doesn't follow. Why do you assume my caller can control my
> ClassLoader?
>
Because I can set up a ClassLoader to load your main class and all your
other classes.
If I have to, I can rewrite Java. See previous message about Java
tools, and read and
execute privileges. Using gcj, you can probably eliminate the class loader.
John
More information about the e-lang
mailing list