[security-dev 01211]: Re: 6854954: Eliminate static dependency on java.awt.AWTPermission

Sean Mullan Sean.Mullan at Sun.COM
Tue Sep 15 21:23:52 UTC 2009


Looks good to me.

Super small nit in SecurityConstants:

120                        try {

indentation is off by one space with rest of code.

--Sean

Alan Bateman wrote:
> 
> Sean, Mandy - can you review this? I also need someone from the AWT team.
> 
> This patch eliminates the static dependency on java.awt.AWTPermission 
> from the security code, needed for the SecurityManager and default 
> policy code to work in the event that the permission class is not 
> present (in gui-less profile for example). The changes are relatively 
> simple. Creation of the AWTPermissions is deferred until needed. If 
> sun.awt.AWTPermissionFactory is present then it is used to create the 
> AWTPermission instances. If not present, but somehow one the security 
> manager's checkTopLevelWindow, checkSystemClipboardAccess, etc. methods 
> is invoked then "fake" permissions are used. The reason for the approach 
> is to keep the reflection usage to a minimum (usually we use the shared 
> secrets mechanism to avoid reflection completely but for this case, 
> there isn't one place to setup the secret).
> 
> The webrev is here:
>  http://cr.openjdk.java.net/~alanb/6854954/webrev.00/
> 
> Thanks,
> 
> Alan.




More information about the security-dev mailing list