A Bug in AccessControlContext.equals() and hashCode()?
David M. Lloyd
david.lloyd at redhat.com
Mon Jun 16 14:40:18 UTC 2014
On 06/16/2014 09:19 AM, Frank Ding wrote:
> Hi Jeff,
> Thanks for your reply. One further question is that you confirmed
> that two AccessControlContext objects considered equal via method
> equals() should return same results for
> AccessControlContext.checkPermission() but test shows that 2
> AccessControlContext objects are equal regardless of isLimited,
> limitedContext, parent, permissions, or privilegedContext. Does it make
> sense and apply to Java 8 AccessControlContext with JEP140?
Is it not true that a limited privileged context simply adds a
protection domain that restricts permissions to the limited set? This
seems to be the "obvious" implementation of the feature.
If so, then equals() should have taken it into account as a matter of
course.
--
- DML
More information about the security-dev
mailing list