Re: Technique for loading user defined modules
Thomas Fritsch wrote:
[...]
Java offers a generic service-registry. Using it can simplifiy your approach
even more. The following code-snippet is enough for loading all Plugin
implementations found in all jar files of your classpath:
Allow me to be the voice of security here...
There are security concerns here when you are letting other people's
code run within your appplication. It's not that you shouldn't do it,
but there are security concerns to worry about both for your application
and for your user's privacy and security and you should take the steps
to handle it.
While the topic may have been about allowing users to write their own
plug-ins, the fact is that you should consider the possibility of third
party plug-ins being made available for download. Then you have to
consider the possibility of malicious code in those plug-ins.
You should not have the plug-in jars being on your applications initial
class path. Doing that gives the plug-in the same rights as your
application.
You should have the user specify where the plug-in jars are, either as a
list of jars or a directory where the jars are. You can create your own
class loader pointing to the specific jars using URLClassLoader (they
have a URL format for jars, see the Javadocs for JarUrlConnection).
You can then specify what the plug-in is allowed to do and what classes
of your application it can access. By default it should be sandboxed to
not do much at all.
You should have a mechanism to allow a plug-in to get more access, but
only if it is signed, you present the certificate to the user, and ask
them if they want to allow it.
See the seucrity section of the Java Tutorial.
--
Dale King