RFR 8043406: Change default policy for JCE providers to run with as few privileges,as possible

Sean Mullan sean.mullan at oracle.com
Fri Jun 20 15:46:47 UTC 2014


   36         // Needed by Runtime.loadLibrary(String) call
   37         permission java.io.FilePermission "<<ALL FILES>>", "read";

It seems like this is due to a bug in Runtime.loadLibrary, since you 
have already granted the provider the permission to load the library. I 
think possibly the call to ClassLoader.loadLibrary should be inside a 
doPrivileged. The workaround is ok for now, but can you file a separate 
bug for this?

--Sean

On 06/18/2014 06:51 PM, Valerie Peng wrote:
> Sean,
>
> Not sure if you can get to reviewing this before your vacation.
> If not, I will find someone else to help...
>
> Webrev: http://cr.openjdk.java.net/~valeriep/8043406/webrev.00/
>
> Thanks,
> Valerie



More information about the security-dev mailing list