SecurityManager.checkPackageAccess for qualified exports

[Alan Bateman]

On 12/05/2017 08:16, Langer, Christoph wrote:

> Hi all,
>
> while playing with the security manager (using -Djava.security.manager) in Java 9 and testing platform modules that we have added specifically in our build, I came across the following thing:
>
> As we are using some stuff from jdk.internal, I get the AccessControlException: "exception access denied ("java.lang.RuntimePermission" "accessClassInPackage.jdk.internal.misc")" in several places, even if my code runs priviledged. I figured that I need to grant permission "permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc"" to my module. I was looking around where this restriction comes from and learned the following in the documentation of SecurityManager.checkPackageAccess:
>
>
> Implementation Note:
> This implementation also restricts all non-exported packages of modules loaded by the platform class loader<http://download.java.net/java/jdk9/docs/api/java/lang/ClassLoader.html#getPlatformClassLoader--> or its ancestors. A "non-exported package" refers to a package that is not exported to all modules. Specifically, it refers to a package that either is not exported at all by its containing module or is exported in a qualified fashion by its containing module.
>
> Reading this, I'm wondering whether the implementation should implicitly grant package access for modules that a package in question was exported to in a qualified fashion? Now one ends up having to additionally add specific permissions which can easily be forgot.
>
> Any comments? Shouldn't that be improved?
>
I recall there was some discussion on this topic already - can you bring 
this to security-dev where the changes in this area were discussed/reviewed?

-Alan