RFR[10]:8159526 Deprivilege jdk.httpserver
vyom tewari
vyom.tewari at oracle.com
Tue Sep 12 08:46:40 UTC 2017
On Tuesday 12 September 2017 02:12 PM, Alan Bateman wrote:
> On 12/09/2017 09:06, vyom tewari wrote:
>> Hi,
>>
>> Please review the below code change.
>>
>> BugId: https://bugs.openjdk.java.net/browse/JDK-8159526
>>
>> Webrev-1:
>> http://cr.openjdk.java.net/~vtewari/8159526/jdk/webrev/index.html
>>
>> Webrev-2:
>> http://cr.openjdk.java.net/~vtewari/8159526/root/webrev/index.html
>>
>> Code change will De-privilege jdk.httpserver, we gave
>> "jdk.httpserver" all permission for now.
> Moving jdk.httpserver to the platform class loader looks fine. Are you
> planning a second phase to identify the permissions needed so that it
> doesn't have to be granted AllPermission?
yes, i will file a separate issue for this.
Vyom
>
> -Alan
More information about the core-libs-dev
mailing list