On 10/9/17 3:55 AM, Alan Bateman wrote:
On 05/10/2017 00:05, Vladimir Kozlov wrote:
https://bugs.openjdk.java.net/browse/JDK-8188775
Changes for 8182701[1] missed changes in default.policy for new module jdk.internal.vm.compiler.management.
Add missing code:
src/java.base/share/lib/security/default.policy @@ -154,6 +154,10 @@ permission java.security.AllPermission; };
+grant codeBase "jrt:/jdk.internal.vm.compiler.management" { + permission java.security.AllPermission; +}; + This looks okay to me although it would be nice if we could identify the minimal permissions rather than granting it AllPermission.
+1. Is there any reason you did not just grant it RuntimePermission "accessClassInPackage.org.graalvm.compiler.hotspot"? I see you have already pushed the fix, so I would recommend opening another issue to only grant the required permissions to the jdk.internal.vm.compiler.management module. Thanks, Sean