RFR: 8154067: Avoid early use of limited privilege escalation in InnerClassLambdaMetafactory
Sean Mullan
sean.mullan at oracle.com
Tue Apr 12 18:26:17 UTC 2016
On 04/12/2016 12:58 PM, Mandy Chung wrote:
>
>> On Apr 12, 2016, at 5:38 AM, Claes Redestad <claes.redestad at oracle.com> wrote:
>>
>> Hi,
>>
>> the first usage of limited doPrivileged appears to have a small startup penalty (loads 8 permission-related classes and does some reflection), and is arguably excessive for this particular instance. Unrestricted doPrivileged allows for a small reduction of lambda init cost.
>>
>> Webrev: http://cr.openjdk.java.net/~redestad/8154067/webrev.01/
>> Bug: https://bugs.openjdk.java.net/browse/JDK-8154067
>>
>
> +1
>
> I agree that getting system properties isn’t a good usage example of limited doPrivileged since the permission is very clear and explicit.
I also agree. In this case, the privileged action (System.getProperty)
is very concise, so the risk is very low that the additional permissions
could be abused.
--Sean
More information about the core-libs-dev
mailing list