RFR 8043406: Change default policy for JCE providers to run with as few privileges,as possible
Valerie Peng
valerie.peng at oracle.com
Fri Jun 20 22:30:44 UTC 2014
Webrev is updated at: http://cr.openjdk.java.net/~valeriep/8043406/webrev.01
Sure, I will file a bug after Mandy's confirmation.
Thanks,
Valerie
On 6/20/2014 8:46 AM, Sean Mullan wrote:
> 36 // Needed by Runtime.loadLibrary(String) call
> 37 permission java.io.FilePermission "<<ALL FILES>>", "read";
>
> It seems like this is due to a bug in Runtime.loadLibrary, since you
> have already granted the provider the permission to load the library.
> I think possibly the call to ClassLoader.loadLibrary should be inside
> a doPrivileged. The workaround is ok for now, but can you file a
> separate bug for this?
>
> --Sean
>
> On 06/18/2014 06:51 PM, Valerie Peng wrote:
>> Sean,
>>
>> Not sure if you can get to reviewing this before your vacation.
>> If not, I will find someone else to help...
>>
>> Webrev: http://cr.openjdk.java.net/~valeriep/8043406/webrev.00/
>>
>> Thanks,
>> Valerie
More information about the security-dev
mailing list