Marsh David W Maj AFIT/ENG wrote:
Tomcat Developers,
While I understand that the libraries and extensions used by Tomcat
*should* provide that assurance, what would happen if someone
inadvertently wrote some code that could create a new object with rights
never intended by developers?
What I would consider useful is a 'compile time note'
that the code might be insecure, but trying to forbid
any code during execution time beyond existing
execution security level is both out of spec as well as
completely useless.
So, if you find a way to introspect the possible
harmful user written code during compilation time,
only then it would make some sense.
Regards,
Mladen.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
