RFR: 8270380: Change the default value of the java.security.manager system property to disallow

Jaikiran Pai jpai at openjdk.java.net
Mon Aug 23 03:30:29 UTC 2021 

On Fri, 20 Aug 2021 22:44:34 GMT, Weijun Wang <weijun at openjdk.org> wrote:

> This change modifies the default value of the `java.security.manager` system property from "allow" to "disallow". This means unless it's explicitly set to "allow", any call to `System.setSecurityManager()` would throw an UOE.
> 
> The `AllowSecurityManager.java` and `SecurityManagerWarnings.java` tests are updated to confirm this behavior change. Two other tests are updated because they were added after JDK-8267184 and do not have `-Djava.security.manager=allow` on its `@run` line even it they need to install a `SecurityManager` at runtime.

It looks to me that the failures reported in the GitHub jobs are genuine and related to this change. It looks like the `jtreg` framework itself is impacted by this change because it calls the `System.setSecurityManager(....)` while launching the tests.


2021-08-21T01:41:42.5731927Z stderr:
2021-08-21T01:41:42.5733295Z java.lang.UnsupportedOperationException: The Security Manager is deprecated and will be removed in a future release
2021-08-21T01:41:42.5734843Z 	at java.base/java.lang.System.setSecurityManager(System.java:409)
2021-08-21T01:41:42.5736946Z 	at com.sun.javatest.regtest.agent.RegressionSecurityManager.install(RegressionSecurityManager.java:56)
2021-08-21T01:41:42.5739224Z 	at com.sun.javatest.regtest.agent.AgentServer.<init>(AgentServer.java:211)
2021-08-21T01:41:42.5740879Z 	at com.sun.javatest.regtest.agent.AgentServer.main(AgentServer.java:70)
2021-08-21T01:41:42.5741805Z 
2021-08-21T01:41:42.5743348Z TEST RESULT: Error. Agent communication error: java.net.SocketException: Connection reset; check console log for any additional details
2021-08-21T01:41:42.5745030Z --------------------------------------------------
2021-08-21T01:41:51.2539413Z Test results: passed: 5; error: 879
2021-08-21T01:41:59.0887042Z Report written to /home/runner/work/jdk/jdk/build/run-test-prebuilt/test-results/jtreg_test_jdk_tier1_part1/html/report.html
2021-08-21T01:41:59.0892404Z Results written to /home/runner/work/jdk/jdk/build/run-test-prebuilt/test-support/jtreg_test_jdk_tier1_part1
2021-08-21T01:41:59.0895498Z Error: Some tests failed or other problems occurred.
2021-08-21T01:41:59.1235748Z Finished running test 'jtreg:test/jdk:tier1_part1'
2021-08-21T01:41:59.1237631Z Test report is stored in build/run-test-prebuilt/test-results/jtreg_test_jdk_tier1_part1
2021-08-21T01:41:59.1650100Z 
2021-08-21T01:41:59.1667939Z ==============================
2021-08-21T01:41:59.1668727Z Test summary
2021-08-21T01:41:59.1669635Z ==============================
2021-08-21T01:41:59.1670187Z    TEST                                              TOTAL  PASS  FAIL ERROR   
2021-08-21T01:41:59.1670795Z >> jtreg:test/jdk:tier1_part1                          884     5     0   879 <<

-------------

PR: https://git.openjdk.java.net/jdk/pull/5204

More information about the security-dev mailing list