Details
-
Enhancement
-
Resolution: Fixed
-
P3
-
None
-
b82
-
Verified
Description
ScriptEngine.eval gets you a null codebase. There is no way to grant permissions targeted to a script executed that way.
This is a requirement for nodejar project (actually for any runtime composed of java + js files).
Without a well identified codebase, no way to properly build a security story.
This is a requirement for nodejar project (actually for any runtime composed of java + js files).
Without a well identified codebase, no way to properly build a security story.