Ola Lundqvist <[EMAIL PROTECTED]> writes: > > Another point about lib/ext. The JVM treats all jars in lib/ext as > > priveleged, like java.lang.*. > > > > "By default, installed extensions are granted all security permissions > > as if they were part of the core platform API" > > > > -- http://java.sun.com/docs/books/tutorial/ext/security/policy.html > > > > > > IOW, symlinking a bunch of jars to lib/ext is not the same as including > > them in the regular classpath. > > > > Now, do we really want to preclude the use of a SecurityManager in any > > Debian-packaged Java app? > > Probably not. So the lib/ext dir should be empty, right?
Disagree. There is a world of difference between jars you install and jars you serendipitously obtain over the net via the Java Plug-in or Java Web Start. Our use of $JAVA_HOME/jre/lib/ext is exactly what it was meant for. -- Bill Wohler <[EMAIL PROTECTED]> http://www.newt.com/wohler/ GnuPG ID:610BD9AD Maintainer of comp.mail.mh FAQ and mh-e. Vote Libertarian! If you're passed on the right, you're in the wrong lane.
