DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=28546>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=28546 ------- Additional Comments From [EMAIL PROTECTED] 2005-05-27 18:23 ------- (In reply to comment #4) > Matt, I haven't tried modifying Ant to implement the things you suggest. > If a security manager allows the use of Runtime.exec(), then there is a > mechanism to bypass it entirely. If it doesn't allow the use of Runtime.exec (), > then it can't spawn new JVMs. Good points. > This may not be realistically solvable without > deferring to an implementation of the JSR-121 Isolate API. Presumably JSR-121 > implementations will handle security managers transitively, so that their > restrictions can't be trivially escaped. Would there be any resistance to > adopting the JSR-121 API to launch JVMs? This would only be done after the JSR > is final and implementations are available for all environments Ant supports. > http://jcp.org/aboutJava/communityprocess/pr/jsr121/index.html It looks as though this spec would, should it come to fruition, be a core piece of a future release of Java. At that time there should be no reason we cannot support it, although detection of availability would probably have to be accomplished via reflection (this is commonly the case with newer language features in Ant). -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
