RFR: JDK-8210274: Source Launcher should work with a security manager
Jonathan Gibbons
jonathan.gibbons at oracle.com
Tue Sep 25 22:23:27 UTC 2018
On 09/25/2018 02:48 PM, mandy chung wrote:
>
>
> On 9/25/18 2:12 PM, Jonathan Gibbons wrote:
>> Updated webrev against the latest jdk/jdk sources.
>>
>> No change in the updates for this feature (just changes in the
>> surrounding context)
>>
>> Webrev: http://cr.openjdk.java.net/~jjg/8210274/webrev.02/
>>
>
> This simplified solution sounds reasonable. This would allow the
> developers to
> to run with security manager if desirable.
>
> You added the test case to verify the code source. It'd also be good
> to include
> a test case to launch with a test policy to validate the intended
> workaround
> this provides.
>
> The change is fine to create its protection domain. An alternative is
> to make MemoryClassLoader extends SecureClassLoader such that
> you can call defineClass to pass in the CodeSource. Just to mention it
> and I don't have strong opinion in one way or other.
>
> Mandy
>
Mandy,
Thanks for the review. Here's the additional test case you suggested,
demonstrating the ability to give source file permission to read a
system property, but not write it.
Webrev: http://cr.openjdk.java.net/~jjg/8210274/webrev.03/
-- Jon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/compiler-dev/attachments/20180925/3258a033/attachment-0001.html>
More information about the compiler-dev
mailing list