RFR: 8210469: Missing doPriviledged block and permission for jdk.zipfs module
Lance Andersen
lance.andersen at oracle.com
Fri Jan 25 17:03:34 UTC 2019
> On Jan 25, 2019, at 3:55 AM, Alan Bateman <Alan.Bateman at oracle.com> wrote:
>
>
>
> On 25/01/2019 00:11, Lance Andersen wrote:
>>> On Jan 24, 2019, at 6:20 PM, Mandy Chung <mandy.chung at oracle.com> wrote:
>>>
>>>
>>>
>>> On 1/24/19 1:55 PM, Lance Andersen wrote:
>>>>> Alternatively you can simply do:
>>>>> PrivilegedExceptionAction<Path> pea = () -> tempPath.toRealPath();
>>>>> return AccessController.doPrivileged(pea);
>>>>>
>>>>> In this case, limited doPrivileged does not make whole lot of difference jdk.zip explicitly grants for limited permissions and this doPrivileged block is one single operation, toRealPath.
>>>> Do you have a preference here either way? I had that originally but changed it to make it clearer why it was done.
>>> For this simple case, I would avoid using limited doPrivileged.
>> Okie Dokie, I made the change and also ran optimize imports on the test: http://cr.openjdk.java.net/~lancea/8210469/webrev.01/index.html
>>
> Here's an alternative that avoids the cast, it might be a bit more readable.
>
> PrivilegedExceptionAction<Path> action = tempPath::toRealPath;
> zfpath = AccessController.doPrivileged(action);
>
> In the test then you it might be clearer to rename ZIPFS_MAP to ZIPFS_OPTIONS.
Okie Dokie part 2 ;-)
Updates can be found here: http://cr.openjdk.java.net/~lancea/8210469/webrev.02/index.html
Best
Lance
>
> -Alan
<http://oracle.com/us/design/oracle-email-sig-198324.gif>
<http://oracle.com/us/design/oracle-email-sig-198324.gif> <http://oracle.com/us/design/oracle-email-sig-198324.gif>
<http://oracle.com/us/design/oracle-email-sig-198324.gif>Lance Andersen| Principal Member of Technical Staff | +1.781.442.2037
Oracle Java Engineering
1 Network Drive
Burlington, MA 01803
Lance.Andersen at oracle.com <mailto:Lance.Andersen at oracle.com>
More information about the core-libs-dev
mailing list