8008793: SecurityManager.checkXXX behavior not specified for methods that check AWTPermission and AWT not present
Sean Mullan
sean.mullan at oracle.com
Mon Feb 25 16:04:20 UTC 2013
On 02/25/13 10:52, Alan Bateman wrote:
> On 25/02/2013 15:22, Sean Mullan wrote:
>>
>> Yes, good point, but Alan has corrected that, refresh the webrev.
>>
>> I just had one comment:
>>
>> - I think you need to run the test in it's own JVM, since it sets an SM.
>>
>> --Sean
>>
> Yes, Tom is right and the checkPermissions in these methods should
> succeed if AllPermission is granted. I should have replied to my
> original mail to clarify this as I also noticed this when generating the
> javadoc diffs after the mail.
>
> In any case, this is really a corner case because I wouldn't expect
> these methods to be invoked by anything outside of AWT (or something
> using AWT).
>
> On the test, then jtreg attempts restore the security manager after each
> test so I don't think we need to add /other here (also it is using a
> security manager already and hasn't caused any issues, at least I'm not
> aware of any).
But there can be only one SM, so it could potentially affect other tests
in different threads that depend on an SM. (If 2 tests that set their
own SM ran in the same VM, potential issues would result, right?).
--Sean
More information about the security-dev
mailing list