[ipv6] RFR: 8224256: test/jdk/java/security/SecureClassLoader/DefineClass.java hardcodes 127.0.0.1

Sean Mullan sean.mullan at oracle.com
Wed May 22 19:12:15 UTC 2019


On 5/22/19 1:28 PM, Arthur Eubanks wrote:
> On Wed, May 22, 2019 at 7:13 AM Daniel Fuchs <daniel.fuchs at oracle.com 
> <mailto:daniel.fuchs at oracle.com>> wrote:
> 
>     Hi Arthur,
> 
>         18 // For IPSupport
>         19 grant {
>         20     permission java.net.SocketPermission "localhost:0",
>     "listen,resolve";
>         21     permission java.util.PropertyPermission
>     "java.net.preferIPv4Stack", "read";
>         22 };
> 
>     It might be better if these permissions were granted to the
>     library only.
> 
> Done.

Have you tested that with jtreg? I believe it may not work because of 
the way the SecurityManager is enabled inside the test (rather than 
using the jtreg java.security.policy option). You may find that you also 
need to grant those permissions to jtreg.jar since it is higher in the 
call stack. If that is the case, you are probably better off granting 
the permissions to all code, or restructuring the test to use the jtreg 
java.security.policy option, where jtreg installs its own 
SecurityManager to grant itself the proper permissions. However, that 
will require some code changes and granting some additional permissions 
to the test that are needed (for adding a security provider, etc) before 
it currently enables a SM. And that is probably more than you want to do 
for this fix.

--Sean




More information about the net-dev mailing list