RFR: JDK-8210274: Source Launcher should work with a security manager
mandy chung
mandy.chung at oracle.com
Tue Sep 25 21:48:53 UTC 2018
On 9/25/18 2:12 PM, Jonathan Gibbons wrote:
> Updated webrev against the latest jdk/jdk sources.
>
> No change in the updates for this feature (just changes in the
> surrounding context)
>
> Webrev: http://cr.openjdk.java.net/~jjg/8210274/webrev.02/
>
This simplified solution sounds reasonable. This would allow the
developers to
to run with security manager if desirable.
You added the test case to verify the code source. It'd also be good
to include
a test case to launch with a test policy to validate the intended
workaround
this provides.
The change is fine to create its protection domain. An alternative is
to make MemoryClassLoader extends SecureClassLoader such that
you can call defineClass to pass in the CodeSource. Just to mention it
and I don't have strong opinion in one way or other.
Mandy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/compiler-dev/attachments/20180925/660db3c1/attachment.html>
More information about the compiler-dev
mailing list