[core-libs] RFR (L): 8010319: Implementation of JEP 181: Nest-Based Access Control
mandy chung
mandy.chung at oracle.com
Tue May 22 22:43:24 UTC 2018
On 5/22/18 3:36 AM, Peter Levart wrote:
> In jl.Class:
>
> 3911 // returning a different class requires a security check
> 3912 SecurityManager sm = System.getSecurityManager();
> 3913 if (sm != null) {
> 3914 checkPackageAccess(sm,
> 3915 ClassLoader.getClassLoader(Reflection.getCallerClass()), true);
> 3916 }
>
> ...so here the "different" class is expected to be in the same package
> as "this" class. Is this invariant enforced in VM so it need not be
> checked here?
This permission check is to prevent leaking out nest host/members that
are not accessible to any caller even it may get a hold of this class in
package p.
Mandy
More information about the core-libs-dev
mailing list