[9] RFR 8154113: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
Sean Mullan
sean.mullan at oracle.com
Thu Aug 4 14:20:53 UTC 2016
On 08/04/2016 12:42 AM, Mandy Chung wrote:
> A passing comment:
>
> The test can simply specify @modules jdk.crypto.mscapi and this test will only run when jdk.crypto.mscapi is present; in other words, line 45-48 are no longer needed.
Does that also mean line 27 can be removed:
27 * @requires os.family == "windows"
--Sean
>
> Mandy
>
>> On Aug 3, 2016, at 6:09 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
>>
>> Hi Valerie,
>>
>> Can you also clean up the noaccess.policy and access.policy files and remove the permissions that are now granted to the jdk.crypto.mscapi module in default.policy?
>>
>> Also, in the test, I would use the java.security.policy== option instead of the policy option. The policy option is an older jtreg option that I think we should phase out from tests. The java.security.policy option is easier to understand because it is consistent with the system property.
>>
>> --Sean
>>
>> On 08/02/2016 06:04 PM, Valerie Peng wrote:
>>> Sean,
>>>
>>> Would you be able to review this policy update for SunMSCAPI provider?
>>> In addition to the policy update, the test is updated to replace the
>>> shell script with @run tags.
>>>
>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8154113
>>> Webrev: http://cr.openjdk.java.net/~valeriep/8154113/webrev.00/
>>>
>>> Thanks,
>>> Valerie
>
More information about the security-dev
mailing list