RFR: 8186535: Remove deprecated pre-1.2 SecurityManager methods and fields
mandy chung
mandy.chung at oracle.com
Tue Nov 28 19:41:42 UTC 2017
On 11/22/17 6:37 AM, Sean Mullan wrote:
> Please review this change to remove the pre-JDK 1.2 SecurityManager
> methods that have been deprecated since JDK 1.2 and marked for removal
> in JDK 9. These methods are fragile, error-prone and have been
> obsolete since the SecurityManager was revamped in JDK 1.2. The
> methods to be removed are: getInCheck, classDepth, classLoaderDepth,
> currentClassLoader, currentLoadedClass, inClass, and inClassLoader.
>
> In addition, the deprecated and error-prone checkMemberAccess method
> (which was deprecated in JDK 8 and marked for removal in JDK 9) has
> been changed to throw SecurityException if the caller has not been
> granted AllPermission. This makes the method less likely it will be
> used incorrectly while still allowing some more time before it is
> removed.
>
> http://cr.openjdk.java.net/~mullan/webrevs/8186535/webrev.00/
>
src/java.desktop/share/classes/sun/applet/AppletSecurity.java
111 private static final StackWalker walker =
112 StackWalker.getInstance(RETAIN_CLASS_REFERENCE);
This call will do a stack-based permission check. So it needs to be
wrapped with doPrivileged.
Otherwise, looks fine.
Just to mention this: AppletSecurity does not really need the
currentClassLoader method. AppletSecurity::currentAppletClassLoader
could be reimplemented to use StackWalker to walk the stack once
(replacing the call to currentClassLoader and getClassContext) to find
AppletClassLoader. OTOH it does not worth making more change since
applets are going away.
Mandy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20171128/71287705/attachment.htm>
More information about the security-dev
mailing list