RFR: 8338411: Implement JEP 486: Permanently Disable the Security Manager [v6]

Daniel Fuchs dfuchs at openjdk.org
Sun Nov 3 11:28:10 UTC 2024 

On Sat, 2 Nov 2024 22:25:06 GMT, ExE Boss <duke at openjdk.org> wrote:

>> Sean Mullan has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 200 commits:
>> 
>>  - Merge remote-tracking branch 'jdk-sandbox/jep486' into JDK-8338411
>>  - Modify three RMI tests to work without the security manager:
>>     - test/jdk/java/rmi/registry/classPathCodebase/ClassPathCodebase.java
>>     - test/jdk/java/rmi/registry/readTest/CodebaseTest.java
>>     - test/jdk/java/rmi/server/RMIClassLoader/useCodebaseOnly/UseCodebaseOnly.java
>>    Also remove them from the problem list.
>>  - Remove two obsolete RMI tests:
>>     - test/jdk/java/rmi/server/RMIClassLoader/spi/ContextInsulation.java
>>     - test/jdk/sun/rmi/transport/tcp/disableMultiplexing/DisableMultiplexing.java
>>    Adjust two tests to run without the Security Manager:
>>     - test/jdk/java/rmi/server/RMIClassLoader/loadProxyClasses/LoadProxyClasses.java
>>     - test/jdk/java/rmi/server/RMIClassLoader/spi/DefaultProperty.java
>>    Remove all of these tests from the problem list.
>>  - In staticPermissionsOnly(), change "current policy binding" to "current policy" so wording is consistent with the API note that follows.
>>  - Added API Notes to ProtectionDomain clarifying that the current policy always
>>    grants no permissions. A few other small changes to Policy and PD.
>>  - Merge branch 'master' into jep486
>>  - JAXP tests: organize imports of a few tests
>>  - Improve description of Executors.privilegedThreadFactory
>>  - rename TestAppletLoggerContext.java as suggested in util test review
>>  - clientlibs: Javadoc cleanup
>>  - ... and 190 more: https://git.openjdk.org/jdk/compare/158ae51b...7958ee2b
>
> src/java.base/share/classes/java/lang/System.java line 1364:
> 
>> 1362:      * <br>
>> 1363:      * It is the responsibility of the provider of
>> 1364:      * the concrete {@code LoggerFinder} implementation to ensure that
> 
> This is still a part of the paragraph related to the security manager.

Right - this paragraph - lines 1620-1625 (old file) / 1362-1367 (new file) is no longer relevant and should be removed too. Thanks for spotting that.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/21498#discussion_r1826959976

More information about the core-libs-dev mailing list