Code Review Request: running signed modules with SecurityManager
mark.reinhold at oracle.com
Fri Jun 4 13:19:35 PDT 2010
> Date: Fri, 04 Jun 2010 15:22:46 -0400
> From: sean.mullan at oracle.com
> On 6/4/10 2:31 PM, mark.reinhold at oracle.com wrote:
>> http://cr.openjdk.java.net/~mullan/jigsaw/webrevs/SecurityManager2/webrev.01/
>> ...
>>
>> SimpleLibrary.java
>>
>> [55] Is there a reason to put signer.ser in its own subdirectory?
>
> Just trying to think ahead - we'll likely want to store additional security
> information such as the module's granted permissions, and potentially other
> certificate related information such as CRLs.
Even then I don't expect there will ever be very many files in an
installed-module directory, so I doubt a subdirectory would be needed.
> ...
>> Loader.java
>> ...
>>
>> [196] If there's no CodeSigner then shouldn't you pass null as the last
>> argument to defineModule, rather than new CodeSource(null, null)?
>
> No, I don't believe so. There is a subtle difference. A CodeSource of (null,
> null) will still be granted permissions where the URL/certs don't matter, ex
> the permissions of the sandbox policy. But a null CodeSource won't be granted
> any permissions.
Hmm. That's okay for now, I guess.
- Mark
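
The CodeSource distinction discussed in the exchange above, as an added example that is not part of the original message or of the Jigsaw code: it asks the installed Policy what a dynamic ProtectionDomain is granted for a CodeSource of (null, null) versus a null CodeSource. It assumes a JDK that still ships the Security Manager APIs with the default file-based policy provider and a stock java.policy that grants read access to the java.version property to all code; the class and helper names are hypothetical.

```java
import java.security.CodeSource;
import java.security.Permission;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import java.util.PropertyPermission;

// Hypothetical demo class; not taken from the webrev under review.
public class NullCodeSourceDemo {

    // Build a domain the way a class loader would for a defined class and
    // ask the installed Policy whether it grants the permission.
    // The four-argument constructor creates a dynamic domain, so the
    // decision comes from the policy, not from static permissions.
    static boolean granted(CodeSource cs, Permission p) {
        ProtectionDomain pd = new ProtectionDomain(cs, null, null, null);
        return Policy.getPolicy().implies(pd, p);
    }

    public static void main(String[] args) {
        // Assumption: the stock java.policy has a "grant { ... }" block
        // (no codeBase, no signedBy) that includes this permission.
        Permission sandbox = new PropertyPermission("java.version", "read");
        // Assumption: no policy entry grants this one to all code.
        Permission beyondSandbox = new PropertyPermission("user.home", "read");

        // Unsigned code with no location: matches only grant entries that
        // name neither a codeBase nor a signer.
        CodeSource unsigned = new CodeSource(null, (Certificate[]) null);
        // No CodeSource at all: nothing for a grant entry to match against.
        CodeSource none = null;

        report("CodeSource(null, null)", unsigned, sandbox, beyondSandbox);
        report("null CodeSource", none, sandbox, beyondSandbox);
    }

    static void report(String label, CodeSource cs, Permission... perms) {
        for (Permission p : perms) {
            System.out.printf("%-24s %-50s granted=%b%n",
                    label, p, granted(cs, p));
        }
    }
}
```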