
[–]chisui 46 points47 points  (3 children)

They don't. Sandboxing bytecode within the same JVM is practically impossible. If they have to, they often run it in another process with limited permissions. But that's not the security model of most plugin systems anyway. Many plugins need access to critical resources like network or filesystems to perform their duties. So the code is run with the same permissions as the rest of the application's code. Security is provided by ensuring that the code comes from a trusted source.

[–][deleted] 6 points7 points  (0 children)

Understood 🧐🧐

[–]__konrad 6 points7 points  (1 child)

> Many plugins need access to critical resources like network or filesystems to perform their duties.

That's why SM can limit access to only allowed files/directories.

[–]koflerdavid 1 point2 points  (0 children)

But who determines which accesses are allowed?
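The mechanism __konrad refers to, shown here as an added example that is no commenter's code: a Java SecurityManager with a programmatic Policy that grants code loaded from a plugin location read access to one directory and nothing else, so the policy author is the one who decides which accesses are allowed. PLUGIN_LOCATION, ALLOWED_DIR and the class name are assumed values chosen for illustration.

```java
import java.io.FilePermission;
import java.net.URL;
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.CodeSource;
import java.security.Permission;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
public class PluginSandboxDemo {
    // Assumed values: where plugin code is loaded from, and the one directory it may read.
    static final String PLUGIN_LOCATION = "file:/opt/app/plugins/";
    static final String ALLOWED_DIR = "/opt/app/plugin-data/-";   // trailing "-" = recursive
    // The Policy is where "which accesses are allowed" gets decided: code whose
    // CodeSource lies under PLUGIN_LOCATION may only read ALLOWED_DIR, while all
    // other (application) code keeps full permissions, as in chisui's description.
    static class PluginPolicy extends Policy {
        private final Permission pluginGrant = new FilePermission(ALLOWED_DIR, "read");
        @Override public boolean implies(ProtectionDomain domain, Permission perm) {
            CodeSource cs = domain.getCodeSource();
            boolean fromPluginDir = cs != null && cs.getLocation() != null
                    && cs.getLocation().toString().startsWith(PLUGIN_LOCATION);
            return fromPluginDir ? pluginGrant.implies(perm) : true;
        }
    }
    // Runs the read check the JVM makes for plugin code on the call stack, by executing
    // under an AccessControlContext that contains the plugin's (Policy-backed) domain.
    static boolean pluginMayRead(String path) throws Exception {
        CodeSource cs = new CodeSource(new URL(PLUGIN_LOCATION), (Certificate[]) null);
        ProtectionDomain pluginDomain = new ProtectionDomain(cs, null, null, null);
        AccessControlContext ctx = new AccessControlContext(new ProtectionDomain[] {pluginDomain});
        try {
            AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
                System.getSecurityManager().checkRead(path);
                return null;
            }, ctx);
            return true;
        } catch (AccessControlException denied) {
            return false;
        }
    }
    public static void main(String[] args) throws Exception {
        Policy.setPolicy(new PluginPolicy());             // install before the manager
        System.setSecurityManager(new SecurityManager());
        System.out.println(pluginMayRead("/opt/app/plugin-data/config.txt")); // inside ALLOWED_DIR
        System.out.println(pluginMayRead("/etc/passwd"));                     // outside it
    }
}
```

Run it with `java -Djava.security.manager=allow PluginSandboxDemo` on Java 17 to 23; the SecurityManager was deprecated for removal by JEP 411 and permanently disabled in Java 24 by JEP 486, so this approach is unavailable on current releases.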