RFR: 8344149: Remove usage of Security Manager from java.rmi
Aleksei Efimov
aefimov at openjdk.org
Mon Nov 18 18:07:47 UTC 2024
On Fri, 15 Nov 2024 01:12:34 GMT, Stuart Marks <smarks at openjdk.org> wrote:
> First cut at removal of Security Manager stuff from RMI.
>
> This covers just about every SM-related case in RMI, except for a bit of package checking in MarshalInputStream. This will be handled separately. It's covered by [JDK-8344329](https://bugs.openjdk.org/browse/JDK-8344329).
>
> Further simplifications could be done in RuntimeUtil and NewThreadAction. However, those changes started to become somewhat more intrusive than I'd like for this PR, which is focused on removing security-related stuff.
The changes look good to me, with two suggestions below.
src/java.rmi/share/classes/sun/rmi/runtime/NewThreadAction.java line 65:
> 63: /**
> 64: * special child of the system thread group for running tasks that
> 65: * may execute user code, so that the security policy for threads in
Do we still want to mention `security policy` here?
src/java.rmi/share/classes/sun/rmi/server/MarshalInputStream.java line 69:
> 67:
> 68: /** table to hold sun classes to which access is explicitly permitted */
> 69: protected static Map<String, Class<?>> permittedSunClasses
It looks like `permittedSunClasses` map can be removed alongside to `checkSunClass(String, AccessControlException)` method, since it is only called on [line 198](https://github.com/openjdk/jdk/pull/22129/files#diff-491ee160d740152081c000fc513091e00181c41fd3c423c466fd30448a2a47e6R198):
} catch (@SuppressWarnings("removal") AccessControlException e) {
return checkSunClass(className, e);
-------------
PR Review: https://git.openjdk.org/jdk/pull/22129#pullrequestreview-2443295343
PR Review Comment: https://git.openjdk.org/jdk/pull/22129#discussion_r1847003817
PR Review Comment: https://git.openjdk.org/jdk/pull/22129#discussion_r1847024207
More information about the core-libs-dev
mailing list