[security-dev 01212]: Re: 6854954: Eliminate static dependency on java.awt.AWTPermission

Mandy Chung Mandy.Chung at Sun.COM
Tue Sep 15 15:51:01 PDT 2009


Alan,

Looks good.  Minor nit in SecurityConstants.java
line 148 - good to add a blank line to separate the two fields

Mandy

Alan Bateman wrote:
> 
> Sean, Mandy - can you review this? I also need someone from the AWT team.
> 
> This patch eliminates the static dependency on java.awt.AWTPermission 
> from the security code, needed for the SecurityManager and default 
> policy code to work in the event that the permission class is not 
> present (in gui-less profile for example). The changes are relatively 
> simple. Creation of the AWTPermissions is deferred until needed. If 
> sun.awt.AWTPermissionFactory is present then it is used to create the 
> AWTPermission instances. If not present, but somehow one the security 
> manager's checkTopLevelWindow, checkSystemClipboardAccess, etc. methods 
> is invoked then "fake" permissions are used. The reason for the approach 
> is to keep the reflection usage to a minimum (usually we use the shared 
> secrets mechanism to avoid reflection completely but for this case, 
> there isn't one place to setup the secret).
> 
> The webrev is here:
>  http://cr.openjdk.java.net/~alanb/6854954/webrev.00/
> 
> Thanks,
> 
> Alan.



More information about the security-dev mailing list