Review request for JDK-8135251: Use Unsafe.defineAnonymousClass for loading Nashorn script code
Attila Szegedi
attila.szegedi at oracle.com
Wed Sep 9 20:43:34 UTC 2015
If I load one class from x.js and another from y.js and I have a security.policy file that says:
grant codeBase “x.js” {
… some permissions ...
}
grant codeBase “y.js” {
… some different permissions ...
}
then the class containing code compiled from x.js and y.js belongs to different protection domains. They can’t have the same host class. I need to create one host class with CodeSource representing the URL of x.js and one representing the URL of y.js so that a call to SecureClassLoader.defineClass(…, CodeSource) will instantiate them in appropriate protection domains based on their code source.
Attila.
> On Sep 9, 2015, at 9:05 PM, forax at univ-mlv.fr wrote:
>
> If you create one class in an empty package (like with sun.invoke.empty.Empty) and use it as host class, it should be ok, no ?
>
> Rémi
>
> ----- Mail original -----
>> De: "Attila Szegedi" <attila.szegedi at oracle.com>
>> À: "Remi Forax" <forax at univ-mlv.fr>
>> Cc: nashorn-dev at openjdk.java.net
>> Envoyé: Mercredi 9 Septembre 2015 16:56:50
>> Objet: Re: Review request for JDK-8135251: Use Unsafe.defineAnonymousClass for loading Nashorn script code
>>
>> There’s one host class per CodeSource. Host classes provide their
>> ProtectionDomain to the anonymous classes, and we must code for running
>> under a security manager.
>>
>>> On Sep 9, 2015, at 4:40 PM, Remi Forax <forax at univ-mlv.fr> wrote:
>>>
>>> Hi Attila,
>>> in your patch you're using several different host classes (i beleive one by
>>> script) and i don't understand why ?
>>>
>>> cheers,
>>> Rémi
>>>
>>> On 09/09/2015 03:35 PM, Attila Szegedi wrote:
>>>> Please review JDK-8135251 "Use Unsafe.defineAnonymousClass for loading
>>>> Nashorn script code" at
>>>> <http://cr.openjdk.java.net/~attila/8135251/webrev.jdk9> for
>>>> <https://bugs.openjdk.java.net/browse/JDK-8135251>
>>>>
>>>> Implementation notes are in
>>>> <https://bugs.openjdk.java.net/browse/JDK-8135251?focusedCommentId=13841379&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13841379
>>>> <https://bugs.openjdk.java.net/browse/JDK-8135251?focusedCommentId=13841379&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13841379>>
>>>>
>>>> Thanks,
>>>> Attila.
>>>
>>
>>
More information about the nashorn-dev
mailing list