[ipv6] RFR: 8224256: test/jdk/java/security/SecureClassLoader/DefineClass.java hardcodes 127.0.0.1
Sean Mullan
sean.mullan at oracle.com
Wed May 22 19:12:15 UTC 2019
On 5/22/19 1:28 PM, Arthur Eubanks wrote:
> On Wed, May 22, 2019 at 7:13 AM Daniel Fuchs <daniel.fuchs at oracle.com
> <mailto:daniel.fuchs at oracle.com>> wrote:
>
> Hi Arthur,
>
> 18 // For IPSupport
> 19 grant {
> 20 permission java.net.SocketPermission "localhost:0",
> "listen,resolve";
> 21 permission java.util.PropertyPermission
> "java.net.preferIPv4Stack", "read";
> 22 };
>
> It might be better if these permissions were granted to the
> library only.
>
> Done.
Have you tested that with jtreg? I believe it may not work because of
the way the SecurityManager is enabled inside the test (rather than
using the jtreg java.security.policy option). You may find that you also
need to grant those permissions to jtreg.jar since it is higher in the
call stack. If that is the case, you are probably better off granting
the permissions to all code, or restructuring the test to use the jtreg
java.security.policy option, where jtreg installs its own
SecurityManager to grant itself the proper permissions. However, that
will require some code changes and granting some additional permissions
to the test that are needed (for adding a security provider, etc) before
it currently enables a SM. And that is probably more than you want to do
for this fix.
--Sean
More information about the net-dev
mailing list