Running with a security manager?

Weijun Wang weijun.wang at oracle.com
Sat Mar 10 12:43:35 UTC 2018 

If you set policy or secure in the @run line then jtreg will automatically add necessary permissions to your existing policy file to make it running.

--Max

> On Mar 10, 2018, at 7:06 PM, David Holmes <david.holmes at oracle.com> wrote:
> 
> On 10/03/2018 9:03 PM, David Holmes wrote:
>> Thanks for all the responses.
>> On 10/03/2018 6:10 PM, Weijun Wang wrote:
>>> Or you can set policy to an empty file (maybe with a comment line). Unfortunately both secure and policy must have an argument.
>> Right. My issue is what policy do I have to set to make jtreg itself work, regardless of what the test may or may not need? This seems to be a problem to me - I don't know what permissions jtreg requires be added to any policy.
>> Mandy's suggestion of just setting the security manager within the test may be the way to go.
> 
> No that requires I have a security manager to pass in. I just want to enable the default security manager! This should not be that hard to do! :(
> 
> David
> 
>> Thanks,
>> David
>>> --Max
>>> 
>>>> On Mar 10, 2018, at 2:37 PM, mandy chung <mandy.chung at oracle.com> wrote:
>>>> 
>>>> If you need to grant permission, you can do this:
>>>> 
>>>> * @run main/othervm/java.security.policy=<policy file> TestReflectionAPI
>>>> 
>>>> If no policy needed, you can set security manager (System::setSecurityManager) at the beginning of the test and run in othervm mode:
>>>> * @run main/othervm TestReflectionAPI
>>>> 
>>>> Mandy
>>>> 
>>>> On 3/9/18 8:16 PM, David Holmes wrote:
>>>>> I want to run a test with a default security manager present. So I added it to the @run:
>>>>> 
>>>>> @run main/othervm -Djava.security.manager TestReflectionAPI
>>>>> 
>>>>> But this breaks jtreg:
>>>>> 
>>>>> Exception in thread "main" java.security.AccessControlException: access denied ("java.io.FilePermission" "/export/users/dh198349/valhalla/repos/valhalla-exp/open/test/hotspot/jtreg/JTwork/runtime/Nestmates/reflectionAPI/TestReflectionAPI.d/main.2.jta" "read")
>>>>>      at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472) 
>>>>>      at java.base/java.security.AccessController.checkPermission(AccessController.java:895) 
>>>>>      at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335) 
>>>>>      at java.base/java.lang.SecurityManager.checkRead(SecurityManager.java:674)
>>>>>      at java.base/java.io.FileInputStream.<init>(FileInputStream.java:147)
>>>>>      at java.base/java.io.FileInputStream.<init>(FileInputStream.java:113)
>>>>>      at java.base/java.io.FileReader.<init>(FileReader.java:58)
>>>>>      at com.sun.javatest.regtest.agent.MainWrapper.main(MainWrapper.java:46)
>>>>> 
>>>>> So I presume I need some kind of policy file that gives jtreg necessary permissions while trying to leave the actual test code with the normal default permissions.
>>>>> 
>>>>> How do I do that?
>>>>> 
>>>>> Thanks,
>>>>> David
>>>> 
>>>

More information about the jtreg-use mailing list