RFR: 8168313: Tighten permissions granted to jdk.crypto.pkcs11 module
Mandy Chung
mandy.chung at oracle.com
Fri Oct 21 15:44:53 UTC 2016
Looks good to me.
Mandy
> On Oct 20, 2016, at 8:22 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
>
> Please review this change to tighten or remove unnecessary permissions granted to the jdk.crypto.pkcs11 module:
>
> http://cr.openjdk.java.net/~mullan/webrevs/8168313/webrev.00/
> https://bugs.openjdk.java.net/browse/JDK-8168313
>
> In doing so, I refactored the code a little to not use sun.security.action APIs and was able to remove a qualified export from java.base. I also moved the reading of the os.name and os.arch system properties inside a doPrivileged block just in case the caller(s) do not have permission to read them.
>
> --Sean
More information about the security-dev
mailing list