RFR: JDK-8244951: Missing entitlements for hardened runtime
Erik Joelsson
erik.joelsson at oracle.com
Wed May 13 17:48:08 UTC 2020
As was pointed out by Adrián Ruiz Arroyo, when signing our macosx builds
with hardened runtime enabled, we are currently missing the entitlement
for using the microphone. This patch is correcting that. It would be
good if I could get help verifying that the microphone is actually
usable with this change.
This extra entitlement should only ever bee needed by either the java
launcher or a jpackaged app launcher. Because of this, I made a special
entitlements file for the java launcher. I also took the liberty of
reducing the entitlements granted to the jspawnhelper executable
(something we were already doing internally).
Since this also applies to the file bundled with jpackage, I figured we
shouldn't be maintaining multiple copies of these entitlements files, so
I added a gensrc step to jdk.incubating.jpackage that simply copies the
entitlements file used by the build.
Bug: https://bugs.openjdk.java.net/browse/JDK-8244951
Webrev: http://cr.openjdk.java.net/~erikj/8244951/webrev.01/index.html
/Erik
More information about the build-dev
mailing list