RFR: 8338411: Implement JEP 486: Permanently Disable the Security Manager [v2]
Sean Mullan
mullan at openjdk.org
Fri Oct 18 19:56:19 UTC 2024
On Thu, 17 Oct 2024 17:59:20 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> All JGSS permission classes follow the same style:
>>
>> In `javax.security.auth.kerberos.DelegationPermission`:
>>
>> * This class is used to restrict the usage of the Kerberos
>> * delegation model, ie: forwardable and proxiable tickets.
>> ```
>> In `javax.security.auth.kerberos.ServicePermission`:
>>
>> * This class is used to protect Kerberos services and the
>> * credentials necessary to access those services. There is a one to
>>
>> (Updated)
>
> I assume for the second one above you mean `javax.security.auth.kerberos.ServicePermission`. These classes still have a lot of words like "grant" and "trust". I will make some changes to the class descriptions of those classes, please review them in the next update.
See the changes I made in https://github.com/openjdk/jdk/pull/21498/commits/9dd59a12e984c347a34a25e6fd820340b1e12505. Sometimes it is difficult to remove all text about granting the permission, which is why we added the API note in all Permission subclasses stating that the permission can no longer be used to protect resources.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21498#discussion_r1806957907
More information about the nio-dev
mailing list