8029886: Change SecurityManager check{TopLevelWindow, SystemClipboardAccessAwtEventQueueAccess} to check AllPermission

Alan Bateman Alan.Bateman at oracle.com
Tue Dec 10 13:51:54 UTC 2013


In JDK 8 we deprecated the JDK 1.1-era SecurityManager methods 
checkTopLevelWindow, checkSystemClipboard and 
checkAccessAwtEventQueueAccess with a warning that they would be changed 
in a future release to check AllPermission. At the same time we changed 
the java.awt.Window and Toolkit methods to use checkPermission directly 
so that the legacy methods aren't used. The motive for all this is 
modules of course and the strong desire to remove the dependency on 
java.awt.AWTPermission.

I'd like to get the second phase of this work into JDK 9 early to give 
every opportunity to find any potential issues. The second phase of this 
work changes the SecurityManager methods to check AllPermission and 
updates the implementation to remove the reflection hackery that was 
used to allow this code work without AWT being present (something that 
was needed for the profiles build).

The webrev with the changes is here:
   http://cr.openjdk.java.net/~alanb/8029886/webrev/

The main thing that I'd like to get agreement on is the wording for the 
updated methods and also agreement from the AWT group to move the 
permission constants to a new class sun.awt.AWTPermissions.

-Alan.



More information about the security-dev mailing list