[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: BD-J implementation in libbluray
From:       Jean-Baptiste Kempf <jb () videolan ! org>
Date:       2015-11-03 10:57:42
Message-ID: 56389326.6000609 () videolan ! org
[Download RAW message or body]

On 05/10/2015 11:21, Florian Weimer wrote:
> I don't know.  There is a BDJSecurityManager, but I'm not convinced it's
> sufficiently strict.  For instance, the checkPermission(Permission)
> method does not call checkWrite(String) for FilePermission objects at
> all.  This does not look right, but I'm not familiar with the finer
> points of Java sandboxing.

Confirmed as fixed in 0.9.1.

-- 
Jean-Baptiste Kempf
http://www.jbkempf.com/ - +33 672 704 734
Sent from my Electronic Device
[prev in list] [next in list] [prev in thread] [next in thread]