Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support/test running with a security policy #79

Open
tombentley opened this issue Oct 17, 2013 · 2 comments
Open

Support/test running with a security policy #79

tombentley opened this issue Oct 17, 2013 · 2 comments
Labels
FEATURE
Milestone
1.3

Comments

@tombentley
Copy link
Member

We need some integration between CMR and running the JVM under a security policy (basically make it easy to run in a sandbox where we trust code loaded from any of the configured repositories, whether it's signed or not).

(This may really be a ceylon-runtime issue)

ceylon/ceylon-compiler#1044
@FroMage
Copy link
Member

FroMage commented Oct 24, 2014

I think we also need a way to tell tools to only work with HTTPS connections and allow signed modules. Any unsigned module or HTTP lookup would then be disallowed.

@gavinking
Copy link
Member

Well first we should make the compiler sign jars. (i.e. call out to jarsigner.)

@CeylonMigrationBot CeylonMigrationBot mentioned this issue Nov 14, 2015
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
FEATURE
Projects
None yet
Milestone
1.3
Development

No branches or pull requests
3 participants
@FroMage @gavinking @tombentley