GAE is run in a hosted environment with untrusted (and potentially malicious) clients, who often are given access for free.
GAE is run in a hosted environment with untrusted (and potentially malicious) clients, who often are given access for free. In that type of environment, security is a very high concern, and APIs which have filesystem access get very heavy scrutiny. I think thats why they've chosen to start pretty conservatively in terms of what they allow.It wouldn't surprise me at all if more classes find their way into the whitelist as security issues are addressed (and based on demand), though.
But I wouldn't even expect to get threading tools available, eg.
Exactly right. The whitelist is there for security reasons. It's possible some classes were excluded that should be included; hopefully they'll be reviewed and added once it's determined they're secure and can't be used to break out of the sandbox.
– Nick Johnson Apr 15 '09 at 15:32.
It's extremely doubtful that these things were dropped arbitrarily. GAE runs in an extremely security-sensitive environment, and the chances are good that an internal audit of the class libraries found some risks that Google was not willing to take.
I somewhat doubt this was the criteria as well. Security most likely was used to determine how security manager handles requests to resources (files, network etc), but to class inclusions... – StaxMan Apr 14 '09 at 21:26 @StaxMan - Keep in mind that GAE does allow a lot of "risky" things. A lot of reflection features that would normally have to be disabled in such an environment are available.
That makes it also a function of what kind of attacks one could run with private fields, methods, etc. – jsight Apr 15 '09 at 18:08 Yes, agreed, and I think that is great. But it sort of makes it even more strange that less risky things were not included. I do hope it's really sort of "clerical error" and nothing error.
– StaxMan Apr 20 '09 at 2:42.
As for your high-performance streaming XML parsers, you could try to find an appropriate library (jar file). Unless it relies on threads or file access (or black-listed API), it should work just as well as the one in the JDK. There are a lot of (rather complex) libraries that work on GAE.
1 Yes, except that if the API lib implements (like javax.xml. Stream) is effectively blacklisted (is under 'javax' and not whitelisted), my understanding is that it can not be loaded -- you can include API jar, but that'll fail to load with security violation. It's worth testing out I suppose though.
– StaxMan Apr 20 '09 at 2:43 True. You would need to use the native API of that particular library (and not javax.xml. Stream).
– Thilo Apr 20 '09 at 4:54 I'd be ok with native API, but the impl itself MUST have API javax.xml. Stream classes available -- it implements them. So that's the bigger problem.
Unlike JAXP which is very thin wrapper on DOM, SAX, Stax is a "real" API. – StaxMan Apr 28 '09 at 6:30 A similar issue was raised as a bug report for AWT and Swing classes that can be used outside of GUI programming. That bug has been acknowledged.So I suppose you can reason with the Google folks to get it in.
– Thilo Apr 28 '09 at 6:49 Yes, there is now an issue logged for stax api (raised by tapestry users that need it too), so I hope this gets resolved. – StaxMan May 8 '09 at 23:35.
I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.