RFR: 8338411: Implement JEP 486: Permanently Disable the Security Manager [v2]
Alan Bateman
alanb at openjdk.org
Wed Oct 23 12:01:33 UTC 2024
On Tue, 22 Oct 2024 21:20:59 GMT, Mandy Chung <mchung at openjdk.org> wrote:
>> Sean Mullan has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 97 commits:
>>
>> - Merge remote-tracking branch 'jdk-sandbox/jep486' into JDK-8338411
>> - Change apiNote to deprecated annotation on checkAccess methods. Change method dedescription to "Does nothing".
>> - Sanitize the class descriptions of DelegationPermission and ServicePermission
>> by removing text that refers to granting permissions, but avoid changes that
>> affect the API specification, such as the description and format of input
>> parameters.
>> - Restored methods in RMIConnection to throw SecurityExceptions again but
>> with adjusted text that avoids the word "permission".
>> - Add text to class description of MBeanServer stating that implementations
>> may throw SecurityException if authorization doesn't allow access to resource.
>> - Restore text about needing permissions from the desktop environment in the
>> getPixelColor and createScreenCapture methods.
>> - Add api note to getClassContext to use StackWalker instead and
>> add DROP_METHOD_INFO option to StackWalker.
>> - Change checkAccess() methods to be no-ops, rather than throwing
>> SecurityException.
>> - Merge
>> - Merge
>> - ... and 87 more: https://git.openjdk.org/jdk/compare/f50bd0d9...f89d9d09
>
> test/jdk/java/lang/invoke/RevealDirectTest.java line 33:
>
>> 31: * @test
>> 32: * @summary verify Lookup.revealDirect on a variety of input handles, with security manager
>> 33: * @run main/othervm/policy=jtreg.security.policy/secure=java.lang.SecurityManager -ea -esa test.java.lang.invoke.RevealDirectTest
>
> line 36 can also be removed.
>
>
> * $ $JAVA8X_HOME/bin/java -cp $JUNIT4_JAR:../../../.. -ea -esa -Djava.security.manager test.java.lang.invoke.RevealDirectTest
hasSM and the code that only runs when true can be deleted too.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21498#discussion_r1812587449
More information about the nio-dev
mailing list