RFR: 8145337: [JVMCI] JVMCI initialization with SecurityManager installed fails: java.security.AccessControlException: access denied
Mandy Chung
mandy.chung at oracle.com
Thu Jan 26 02:32:38 UTC 2017
(dropping jdk9-dev. security-libs is the appropriate list to review security permission)
> On Jan 23, 2017, at 1:56 PM, Doug Simon <doug.simon at oracle.com> wrote:
>
> Both jdk.vm.ci and jdk.vm.compiler require a number of permissions when a security manager is present. Since neither of these modules is accessible to application code, it should be ok to give them all permissions. This seems to be the approach for a number of other modules including jdk.scripting.nashorn, jdk.dynalink, jdk.jsobject etc. Please review this small change that configures this proposed permission level.
>
> http://cr.openjdk.java.net/~dnsimon/8145337/webrev/
> https://bugs.openjdk.java.net/browse/JDK-8145337
jdk.vm.compiler is defined by the application class loader and it’s used by AOT tool. I wonder why it has to run with security manager. You can reference JDK tools such as jdk.compiler and jdk.jlink that are not granted with any permission.
Mandy
More information about the security-dev
mailing list