RFR: 8296244: Alternate implementation of user-based authorization Subject APIs that doesn’t depend on Security Manager APIs [v3]
Weijun Wang
weijun at openjdk.org
Tue Jan 30 22:36:47 UTC 2024
On Tue, 30 Jan 2024 16:41:28 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> src/java.management/share/classes/com/sun/jmx/remote/security/MBeanServerFileAccessController.java line 307:
>>
>>> 305: AccessController.doPrivileged(new PrivilegedAction<>() {
>>> 306: public Subject run() {
>>> 307: return Subject.current();
>>
>> Is the `doPrivileged` still needed here? Is there a chance that `Subject.current()` will throw a `SecurityException`, or return a different result if a security manager is present and `doPrivileged` is not used?
>
> When a security manager is set, `current()` still calls `getSubject()` and it needs a permission unless it's called inside `doPrivileged`. But, see the comment above.
I fixed it in the latest commit. The original code change is simply wrong. `AccessController.getContext()` would return different ACCs inside and outside `doPriv`.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/17472#discussion_r1472043888
More information about the core-libs-dev
mailing list