RFR: [8u] JDK-8022323 "[JavaSecurityScanner] review package com.sun.management.* Native methods should be private
Andrew Hughes
gnu.andrew at redhat.com
Tue Aug 24 04:37:06 UTC 2021
Bug: Inaccessible
Webrev: https://cr.openjdk.java.net/~andrew/8022323/webrev.01/
This change consistently changes the
sun.management.OperatingSystemImpl native methods to be private,
instead being called from public Java methods. The bug itself is
private, but the description suggests this was flagged as part of a
security scan.
JDK-8226575 already made some of the same changes on the UNIX side
only, and the proposed JDK-8269851 backport would do the same with
getProcessCpuLoad. Rather than continuing to make these changes
piecemeal as required by various changes, it seems better to just
consistently fix them all, as in later OpenJDK versions. This also has
the advantage of making the naming in the Windows version again
consistent with the UNIX one.
Backporting the patch was clean for the Windows changes. The UNIX
changes had to be applied around the existing 8226575 changes.
OperatingSystemImpl.java on the UNIX side now matches the 9u version
(where this patch was originally applied) in structure, with the
current 8u version having a longer implementation in the methods
introduced by JDK-8226575 and later fixes.
Ok for 8u-dev?
Thanks,
--
Andrew :)
Pronouns: he / him or they / them
Senior Free Java Software Engineer
OpenJDK Package Owner
Red Hat, Inc. (http://www.redhat.com)
PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222
More information about the jdk8u-dev
mailing list