<AWT Dev> 8029886: Change SecurityManager check{TopLevelWindow, SystemClipboardAccessAwtEventQueueAccess} to check AllPermission

Alan Bateman Alan.Bateman at oracle.com
Tue Dec 10 12:47:27 PST 2013


On 10/12/2013 19:20, Phil Race wrote:
> > was trusted to bring up a top-level winodw. It no longer has a use
>
> What's a winodw ? :-)
Thanks, I'll fix that.

>
> "It no longer has a use" suggests it does nothing so might be better 
> phrased as
> "no longer the recommended or sole way to perform this check and is 
> superseded by .. "
"It" refers to the method as it really doesn't have a use now (these 
methods haven't really been needed since JDK 1.1). However, I see how 
this could be mis-read so I will adjust the wording.

>
>
> Is there a CCC for this ? It seems that there's a compatibility impact
> on permissions required if you don't/can't change your code, and on your
> code if you want to keep the same permissions.
The permissions haven't changed and existing policy files will continue 
to work. Also remember we changed the AWT implementation in JDK 8 to use 
checkPermission directly so the 3 methods aren't used. It's possible 
that there is code somewhere are is invoking these legacy methods 
directly and that was the reason for deprecating it in 8 with the 
wording to make it clear that these methods would be change in the 
future. Also by getting this change done early in JDK 9 then it gives 
every opportunity to flush out issues.

-Alan.


More information about the security-dev mailing list