RFR: JDK-8315897: some PrivilegedActions missing in JDK code for getting properties

Phil Race prr at openjdk.org
Tue Sep 19 21:10:41 UTC 2023


On Tue, 12 Sep 2023 08:21:35 GMT, Matthias Baesken <mbaesken at openjdk.org> wrote:

> > > So what about FontConfiguration? Is that something using the class directly too?
> > 
> > 
> > I think this is not needed either. As far as I can see, the instance of `FontConfiguration` is created from `doPrivileged`, therefore these two system properties are read inside `doPrivileged` already.
> 
> Hi there is a public constructor ` public FontConfiguration(SunFontManager fm) {` calling setOsNameAndVersion(), so is it really always called from `doPrivileged` ? (however it is currently only exported in a qualified way)

Regardless of that, these properties are allowed to be read without permissions.
See java.policy
grant {
...
    // "standard" properies that can be read by anyone
 ....
    permission java.util.PropertyPermission "os.name", "read";
    permission java.util.PropertyPermission "os.version", "read";
....

-------------

PR Comment: https://git.openjdk.org/jdk/pull/15629#issuecomment-1726467543


More information about the client-libs-dev mailing list