Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove Java's Security Manager deprecation message from Checker-Outputs. #19

Merged
merged 7 commits into from
Jan 28, 2023
Merged

Remove Java's Security Manager deprecation message from Checker-Outputs. #19

merged 7 commits into from
Jan 28, 2023

Conversation

ifrh
Copy link
Contributor

@ifrh ifrh commented Jan 23, 2023

close KITPraktomatTeam/Praktomat#307

Robert Hartmann (FB02, H-BRS) and others added 3 commits January 23, 2023 12:27
Remove Java's Security Manager deprecation message from Checker-Outputs.
b7101a2 
add some documentation information into java.policy and junit.policy
see KITPraktomatTeam/Praktomat#350
see KITPraktomatTeam/Praktomat#307
closes KITPraktomatTeam/Praktomat#307
@ifrh
Update README.md
f18aa5d 
just to fix a merge conflict
Merge remote-tracking branch 'hso/master' into work-around-jvm-deprec…
6e8bcbe 
…ation-security-manager

Conflicts resoved for:
	README.md
hannesbraun
hannesbraun reviewed Jan 24, 2023
View reviewed changes
Copy link
Contributor

@hannesbraun hannesbraun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if we should actually introduce these workarounds. The security manager is already deprecated and will be removed at some point in the future. We need to remove it anyway, why not now? When running with Docker, the environment is encapsulated anyway. When using a local "tester" account, the operating system can restrict the access for reading/writing files. Spontaneously, I don't see another restriction that the JVM needs to have.

ifrh added 4 commits January 24, 2023 21:20
@ifrh
Update README.md
6063f91 
remove links which Markdown doesn't render
@ifrh
Update java.policy
e021936 
Comment out an example configuration block
@ifrh
Update junit.policy
c68a4a9 
comment out an example configuration block
@ifrh
Update java.policy
47e3735 
fix a typo
@hannesbraun
Copy link
Contributor

Encapsulating via Docker can not prevent students to walk the Solution-Sandbox and print out testcases. Or did you solve that "problem" it without JVM Security manager?

No, I didn't solve that problem. However, I believe there's no such restriction for the other (non-Java) checkers, right? They suffer from the same problem. But practically, printing out test cases by exploiting the Praktomat in such a way would probably take more time than solving the actual task. At least, this is probably going to apply in most cases. So there's the question of how realistic this scenario is.

Nevertheless, I'll merge this. When the Security Manager is finally removed, we'll just remove those workarounds again, and we'll see what is necessary then.

@hannesbraun hannesbraun merged commit 7f714aa into hso-praktomat:master Jan 28, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hannesbraun hannesbraun hannesbraun approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

praktomat.policy vs java.policy
2 participants
@ifrh @hannesbraun