RFR [13] 8220719: Allow other named NetPermissions to be used
Sean Mullan
sean.mullan at oracle.com
Fri Mar 15 15:22:51 UTC 2019
Looks good to me.
--Sean
On 3/15/19 10:30 AM, Chris Hegarty wrote:
>
> This is a review request to resolve an asymmetry that I noticed when
> investigating another issue. The NetPermission specification should be
> relaxed a little to allow for other target names to be used, similar to
> 8077055. Really 8077055 should probably have covered NetPermission too,
> but was just not noticed at the time.
>
> ---
>
> Problem
>
> The current specification of java.net.NetPermission states: "The
> following table lists all the possible NetPermission target names ...",
> which implies that unless the permission target is listed in the table,
> it cannot be used.
>
> However, there is no such enforcement in the implementation, and it is
> useful and somewhat common for applications / libraries to create their
> own permission target names.
>
> Solution
>
> Relax the specification so that non-listed permissions are allowable.
> The table will remain, but will only document Java SE permissions.
>
> Specification
>
> --- a/src/java.base/share/classes/java/net/NetPermission.java
> +++ b/src/java.base/share/classes/java/net/NetPermission.java
> @@ -43,7 +43,7 @@
> * signify a wildcard match. For example: "foo.*" and "*" signify a
> wildcard
> * match, while "*foo" and "a*b" do not.
> * <P>
> - * The following table lists all the possible NetPermission target names,
> + * The following table lists the standard NetPermission target names,
> * and for each provides a description of what the permission allows
> * and a discussion of the risks of granting code the permission.
> *
>
> Bug
> https://bugs.openjdk.java.net/browse/JDK-8220719
> CSR
> https://bugs.openjdk.java.net/browse/JDK-8220720
>
> -Chris.
More information about the net-dev
mailing list