[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: BD-J implementation in libbluray
From: Jean-Baptiste Kempf <jb () videolan ! org>
Date: 2015-11-03 10:57:42
Message-ID: 56389326.6000609 () videolan ! org
[Download RAW message or body]
On 05/10/2015 11:21, Florian Weimer wrote:
> I don't know. There is a BDJSecurityManager, but I'm not convinced it's
> sufficiently strict. For instance, the checkPermission(Permission)
> method does not call checkWrite(String) for FilePermission objects at
> all. This does not look right, but I'm not familiar with the finer
> points of Java sandboxing.
Confirmed as fixed in 0.9.1.
--
Jean-Baptiste Kempf
http://www.jbkempf.com/ - +33 672 704 734
Sent from my Electronic Device
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic