Details

    • Type: Improvement Improvement
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: Current
    • Fix Version/s: Future
    • Component/s: Magma
    • Labels:
      None

      Description

      There are a few places where Magma tries to access resources (files, system properties etc..) without the proper checks for java security. These are, so far :

      • access to the magma.env property, quite spread in the code
      • access to i18n files
      • access to settings files
      • a few reflection security policies : (org.apache.magma.database.DatabaseIdentity.<init>(DatabaseIdentity.java:32) calls setAccessible, while could avoid it f.e.)

        Activity

          People

          • Assignee:
            Simone Gianni
            Reporter:
            Simone Gianni
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:

              Development