java.security.AccessControlException is thrown in case system SecurityManager is reset when running in module mode
Sean Mullan
sean.mullan at oracle.com
Thu Jan 26 11:02:06 PST 2012
On 1/26/12 1:30 PM, Ekaterina Pavlova wrote:
> Hello,
>
> java.security.AccessControlException is thrown in case system SecurityManager is reset when running
> application in module mode. The minimized test case is attached. Is this known issue?
> Note, the test works fine in legacy mode but fails in module mode.
The reason it works in legacy mode is because sun.misc.Launcher.AppClassLoader
overrides getPermissions(CodeSource) and adds the exitVM permission:
/**
* allow any classes loaded from classpath to exit the VM.
*/
protected PermissionCollection getPermissions(CodeSource codesource)
{
PermissionCollection perms = super.getPermissions(codesource);
perms.add(new RuntimePermission("exitVM"));
return perms;
}
For jigsaw, we can probably add a similar workaround in
org.openjdk.jigsaw.Launcher or Loader when it is loading a module with an entry
point.
But, one of the things I also want to explore is storing the permissions granted
to a module by the configured policy in the module library when it is installed.
If a module with an entry point is installed (which I guess is the equivalent of
an application?), it could automatically add the RuntimePermission exitVM
permission. Then when the module is loaded, these permissions would be loaded
into the ProtectionDomain associated with that module.
--Sean
More information about the jigsaw-dev
mailing list