RE: java.securty.AccessControlContext

Clark Evans (clark.evans@gartner.com)
Mon, 27 Oct 1997 23:38:28 -0500

Message-Id: <199710280436.AA26787@interlock.gartner.com>
From: Clark Evans <clark.evans@gartner.com>
To: "'Roland.Schemers@Eng.Sun.COM'" <Roland.Schemers@Eng>
Subject: RE: java.securty.AccessControlContext
Date: Mon, 27 Oct 1997 23:38:28 -0500

Roland,

Thank you very very much! I *understand*
Incredible care and detatil... hope they pay you well....

Thanks tons!

Clark
BTW, the word "Privleged" does not help to explain the concept very
well... begin/end TrustMe might be better... *evil grin*

For others that "trip up" where I did, here is a summary from
a different perspetive:

My summary....
~~~~~~~~~~~~~~~~~~~
When a permission is checked, the domains for the classes
evoking methods on the call stack are are examined from
the top down. As long as the current domain being checked
has the permission, the check continues.

The examination stops when:
a) a domain with the given permission has stated that
it knows what it is doing by marking the stack as "privleged"
b) the core operating system is reached
or c) a domain is reached which does not have the privlege.

If the examination stops for either a or b, permission is granted.
Otherwise, if the examination stops for c, a security exception is thrown.