tags:

views:

444

answers:

2
+1  Q: 

Sandboxing Java / Groovy / Freemarker Code - Preventing execution of specific methods

I'm developing a system that allows developers to upload custom groovy scripts and freemarker templates.

I can provide a certain level of security at a very high level with the default Java security infrastructure - i.e. prevent code from accessing the filesystem or network, however I have a need to restrict access to specific methods.

My plan was to modify the Groovy and Freemarker runtimes to read Annotations that would either whitelist or blacklist certain methods, however this would force me to maintain a forked version of their code, which is not desirable.

All I essentially need to be able to do is prevent the execution of specific methods when called from Groovy or Freemarker. I've considered a hack that would look at the call stack, but this would be a massive speed hit (and it quite messy).

Does anyone have any other ideas for implementing this?

+1  A: 

OSGi is great for this. You can partition your code into bundles and set exactly what each bundle exposes, and to what other bundles. Would that work for you?

dj_segfault  2009-04-08 04:59:35
Does this allow me to restrict code from calling specific methods?
Zoomzoom83  2009-04-08 05:13:54
The concept is something like bundling. You can then restrict methods and stuff outside that bundle.
Adeel Ansari  2009-04-08 06:57:32
Strictly speaking, you can't restrict certain methods of a class from being called, but you could create a base class and child class with more methods, and only give access to the more-restrictive base class.
dj_segfault  2009-04-21 03:06:07
+2  A: 

You can do it by subclassing the GroovyClassLoader and enforcing your constraints within an AST Visitor. THis post explains how to do it: http://hamletdarcy.blogspot.com/2009/01/groovy-compile-time-meta-magic.html

Also, the code referenced there is in the samples folder of Groovy 1.6 installer.

Hamlet D'Arcy  2009-04-09 15:43:13
In many (most) cases the class the method is on won't be known at compile time, so analazying the AST won't really work. Still, this is the best answer here so I'll tick this one.I ended finding a decent solution using Metaclasses.
Zoomzoom83  2009-04-16 04:27:45

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java