[security-dev 01211]: Re: 6854954: Eliminate static dependency on java.awt.AWTPermission
Sean Mullan
Sean.Mullan at Sun.COM
Tue Sep 15 21:23:52 UTC 2009
Looks good to me.
Super small nit in SecurityConstants:
120 try {
indentation is off by one space with rest of code.
--Sean
Alan Bateman wrote:
>
> Sean, Mandy - can you review this? I also need someone from the AWT team.
>
> This patch eliminates the static dependency on java.awt.AWTPermission
> from the security code, needed for the SecurityManager and default
> policy code to work in the event that the permission class is not
> present (in gui-less profile for example). The changes are relatively
> simple. Creation of the AWTPermissions is deferred until needed. If
> sun.awt.AWTPermissionFactory is present then it is used to create the
> AWTPermission instances. If not present, but somehow one the security
> manager's checkTopLevelWindow, checkSystemClipboardAccess, etc. methods
> is invoked then "fake" permissions are used. The reason for the approach
> is to keep the reflection usage to a minimum (usually we use the shared
> secrets mechanism to avoid reflection completely but for this case,
> there isn't one place to setup the secret).
>
> The webrev is here:
> http://cr.openjdk.java.net/~alanb/6854954/webrev.00/
>
> Thanks,
>
> Alan.
More information about the security-dev
mailing list