[SECURITY] Fedora 22 Update: groovy-sandbox-1.8-1.fc22

2015-04-21T19:23:30
ID FEDORA:1A1AE60D9006
Type fedora
Reporter Fedora
Modified 2015-04-21T19:23:30

Description

This project defines a Groovy CompilationCustomizer, which allows a program to execute Groovy script in a restricted sandbox environment. It is useful for applications that want to provide some degree of scriptability to users, without allowing them to execute System.exit(0) or any other undesirable operations. This compile-time transformation modifies untrusted Groovy script in such a way that every operation that can cause interactions with the external world gets intercepted. This allows your code to examine and deny executions. This includes every method call, object allocations, property/attribute access, array access, and so on.