[security-dev 01212]: Re: 6854954: Eliminate static dependency on java.awt.AWTPermission
Mandy Chung
Mandy.Chung at Sun.COM
Tue Sep 15 22:51:01 UTC 2009
Alan,
Looks good. Minor nit in SecurityConstants.java
line 148 - good to add a blank line to separate the two fields
Mandy
Alan Bateman wrote:
>
> Sean, Mandy - can you review this? I also need someone from the AWT team.
>
> This patch eliminates the static dependency on java.awt.AWTPermission
> from the security code, needed for the SecurityManager and default
> policy code to work in the event that the permission class is not
> present (in gui-less profile for example). The changes are relatively
> simple. Creation of the AWTPermissions is deferred until needed. If
> sun.awt.AWTPermissionFactory is present then it is used to create the
> AWTPermission instances. If not present, but somehow one the security
> manager's checkTopLevelWindow, checkSystemClipboardAccess, etc. methods
> is invoked then "fake" permissions are used. The reason for the approach
> is to keep the reflection usage to a minimum (usually we use the shared
> secrets mechanism to avoid reflection completely but for this case,
> there isn't one place to setup the secret).
>
> The webrev is here:
> http://cr.openjdk.java.net/~alanb/6854954/webrev.00/
>
> Thanks,
>
> Alan.
More information about the security-dev
mailing list