/hg/icedtea-web: Improve PolicyTool launch method in PolicyPanel
Andrew Azores
aazores at redhat.com
Tue Jan 28 10:45:33 PST 2014
On 01/27/2014 05:50 PM, Jacob Wisor wrote:
> But, you *should* probably change the call from
> Class.getDeclaredMethod() to Class.getMethod() because
> Class.getDeclaredMethod() assumes access to all, including non-public
> methods which causes a SecurityManager.checkMemberAccess(). This may
> lead to failure if the default SecurityManager is set.
> Class.getMethod() by definition accesses public members only hence it
> will not error out even with the default SecurityManager set (unless
> configured to deny access to public members). Or, has
> Class.getDeclaredMethod() been intentional too?
>
> Jacob
No, to be honest I didn't put a whole lot of thought into which to
choose here. I don't think I had any particular reasoning for choosing
getDeclaredMethod, it just happened. This I think is a good enough
change to warrant a new commit, along with making other local variables
and formal params final where they can be (which is pretty much
everywhere in this class), adding a class-level Javadoc, and older
PolicyTool package fallback.
The backport patch is included here as well, because it also
incorporates these suggestions of course. Seems better to keep these two
patches in the same place since the code review between them should be
just about identical (other than the change to accommodate lack of
DirectoryValidator, they are identical).
Thanks,
--
Andrew A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: custompolicy-backport-full.patch
Type: text/x-patch
Size: 20947 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140128/cb2ae607/custompolicy-backport-full-0001.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: custompolicy-touchup.patch
Type: text/x-patch
Size: 8166 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140128/cb2ae607/custompolicy-touchup-0001.patch
More information about the distro-pkg-dev
mailing list