RFR 8073056: Repeating annotations throws java.security.AccessControlException with a SecurityManager
Joel Borggrén-Franck
joel.franck at oracle.com
Wed Feb 25 11:59:23 UTC 2015
Hi Paul,
Yes that would indeed be possible, but after some internal discussions we though it safer to reuse the Proxy invocation path.
cheers
/Joel
> On 25 feb 2015, at 12:55, Paul Sandoz <paul.sandoz at oracle.com> wrote:
>
> Hi Joel,
>
> I could be missing something here but would it be possible to wrap the call to m.setAccessible in a doPriv block instead?
>
> Paul.
>
> On Feb 24, 2015, at 11:49 AM, Joel Borggrén-Franck <joel.franck at oracle.com> wrote:
>
>> Hi,
>>
>> Here is a fix for an issue with repeating annotations when a security manager is set.
>>
>> Fix is to use the Proxy invocation handler to unwrap the array containing the repeating annotations. In theory it might be possible to have instances of Annotations that are not implemented using Proxies, so the old code which is independent of implementation is kept as a fall-back, but the user or these theoretical annotations will have to configure the security policy accordingly.
>>
>> http://cr.openjdk.java.net/~jfranck/8073056/webrev.00/
>> https://bugs.openjdk.java.net/browse/JDK-8073056
>>
>> cheers
>> /Joel
>
More information about the core-libs-dev
mailing list