This is the mail archive of the
mailing list for the Mauve project.
Re: SecurityException throwpoint audit
Mark Wielaard wrote:
> On Mon, 2005-11-21 at 16:58 +0000, Gary Benson wrote:
> > I've been trying to work out how to test that permissions are
> > checked at every point they ought to be. There's a table of every
> > such point here:
> > http://java.sun.com/j2se/1.4.2/docs/guide/security/permissions.html#PermsAndMethods
> I would not trust that list as the definite guide. I just looked for
> a random method (which I was just working on for GNU Classpath)
> Toolkit.getSystemSelection() and it was not listed.
Ah, thanks for the warning.
> > How would people feel if I numbered the throwpoints on the above
> > list and noted them in their corresponding tests in some easily
> > parsable form (probably in comments like Tags are already). That
> > way whether a throwpoint is tested (and the location of the test)
> > can be found with a simple grep.
> > For simplicity I'd probably number the 1.4.2 list from 1-whatever.
> > Checks added in 1.5 can be added at the end of the list.
> I don't really like the numbering. I would propose to actually name
> the tests with somewhat meaningful names. Something like
> <PermissionClassName>_<ClassName>_<MethodName> for each Permission
> and class.method() needing to check for that permission. (example:
Yeah, that's better I suppose, I'll use that.