RFR: JDK-8047769 SecureRandom should be more frugal with file descriptors
Alan Bateman
Alan.Bateman at oracle.com
Mon Dec 29 09:08:15 UTC 2014
On 24/12/2014 11:37, Peter Levart wrote:
> Hi Brad,
>
> Thanks for looking into this. Here's updated webrev:
>
> http://cr.openjdk.java.net/~plevart/jdk9-dev/FileInputStreamPool.8047769/webrev.02/
>
>
This mostly looks good to me too, except the permission checking. As I
read it, getInputStream uses getCanonicalFile and thus the permission
check will be happen early and so it makes me wonder if checkRead is
needed. Additionally, both of the uses are in privileged blocks so it
looks like checkRead will always be called with a stack that has
AllPermission anyway.
-Alan.
More information about the security-dev
mailing list