RFR: 8168313: Tighten permissions granted to jdk.crypto.pkcs11 module
Sean Mullan
sean.mullan at oracle.com
Thu Oct 20 15:22:16 UTC 2016
Please review this change to tighten or remove unnecessary permissions
granted to the jdk.crypto.pkcs11 module:
http://cr.openjdk.java.net/~mullan/webrevs/8168313/webrev.00/
https://bugs.openjdk.java.net/browse/JDK-8168313
In doing so, I refactored the code a little to not use
sun.security.action APIs and was able to remove a qualified export from
java.base. I also moved the reading of the os.name and os.arch system
properties inside a doPrivileged block just in case the caller(s) do not
have permission to read them.
--Sean
More information about the security-dev
mailing list