Google Code Exporter

Original comment by `[email protected]` on 20 Feb 2011 at 10:12

``` To simplify debugging: One could set a classloader instance for an interpreter instance. I passed a simple class loader which only logs the requested class and resource names. It...

``` Changed from Accepted to New ``` Original comment by `[email protected]` on 9 May 2007 at 12:54 - Changed state: **New**

``` Hello, Maybe there should be a priv (priveledged) context to allow some code to run. It would run slower while there is a background check. This would work like...

``` Hello, I am looking for such a functionality for 2 days now. Without it, BeanShell is completly useless for scripting language allowed for business users. I want to allow...

``` Can't you use Java's existing SecurityManager facility and just treat the bsh evaluation as an untrusted operation (i.e. call System.setSecurityManager(...) before bsh eval)? ``` Original comment by `[email protected]` on...

``` This feature would power up BeanShell as an embedded script engine. It's like what ClassShutter.visibleToScripts() does for Mozilla Rhino Scriptengine (JavaScript). http://www.docjar.com/docs/api/org/mozilla/javascript/ClassShutter.html It implements a blacklist as proposed by...

``` I agree with comment 4. Implementing this feature could easily affect performance. The mentioned http://www.mozilla.org/rhino/apidocs/org/mozilla/javascript/ClassShutter.html only limits access to specific classes. But here a method level access filter is...

``` Actually the blacklisting need only happen during the parsing phase. Once completed everything that should be block is so the script can be executed. ``` Original comment by `[email protected]`...

``` Re comment #4: are there any good examples of this anywhere? I'd like to eval untrusted scripts submitted via web form in a sandbox context (running in something like...