The Author Online Book Forums are Moving

The Author Online Book Forums will soon redirect to Manning's liveBook and liveVideo. All book forum content will migrate to liveBook's discussion forum and all video forum content will migrate to liveVideo. Log in to liveBook or liveVideo with your Manning credentials to join the discussion!

Thank you for your engagement in the AoF over the years! We look forward to offering you a more enhanced forum experience.

David M. Karr (83) [Avatar] Offline
#1
Reading through chapter 19, "Domain-Specific Languages", it appears you're trying to cover all the ways that someone could "cheat" (deliberately or accidentally) in their script to "get out of the sandbox". You cover what you can do with "import restrictions" seemingly very thoroughly. However, nowhere do you mention that it's very easy to reference a class without importing it, by referencing the fully-qualified class name. This would likely be dealt with in a SecurityManager, which you do talk about, but it would be useful to cover this case.