RFR 8043406: Change default policy for JCE providers to run with as few privileges, as possible
Wang Weijun
weijun.wang at oracle.com
Tue Jul 8 02:25:51 UTC 2014
Hi Valerie
I didn't read your previous webrevs, but why is "permission java.util.PropertyPermission "*", "read";" needed by every provider? I go to sun/ec, sun/pkcs11, com/sun/crypto and find no special System.getProperty() calls there.
Thanks
Max
On Jul 8, 2014, at 5:14, Valerie Peng <valerie.peng at oracle.com> wrote:
>
> Updated the webrev to include the updates of test policy files.
> Also changed the ProviderConfig class to ignore provider instantiation failures, so that we don't need to include the entries for crypto providers in the test policy files when the tests themselves do not use/depend on functionality from crypto providers.
>
> http://cr.openjdk.java.net/~valeriep/8043406/webrev.02/
>
> Thanks,
> Valerie
More information about the security-dev
mailing list