RFR: JDK-8210274: Source Launcher should work with a security manager

mandy chung mandy.chung at oracle.com
Tue Sep 25 21:48:53 UTC 2018

On 9/25/18 2:12 PM, Jonathan Gibbons wrote:
> Updated webrev against the latest jdk/jdk sources.
> No change in the updates for this feature (just changes in the 
> surrounding context)
> Webrev: http://cr.openjdk.java.net/~jjg/8210274/webrev.02/

This simplified solution sounds reasonable.  This would allow the 
developers to
to run with security manager if desirable.

You added the test case to verify the code source.   It'd also be good 
to include
a test case to launch with a test policy to validate the intended 
this provides.

The change is fine to create its protection domain.  An alternative is
to make MemoryClassLoader extends SecureClassLoader such that
you can call defineClass to pass in the CodeSource.   Just to mention it
and I don't have strong opinion in one way or other.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/compiler-dev/attachments/20180925/660db3c1/attachment.html>

More information about the compiler-dev mailing list