RFR: 8267485: Remove the dependency on SecurityManager in JceSecurityManager.java [v3]
Bradford Wetmore
wetmore at openjdk.java.net
Thu Jun 3 17:47:49 UTC 2021
On Thu, 3 Jun 2021 08:27:14 GMT, Daniel Fuchs <dfuchs at openjdk.org> wrote:
>> Bradford Wetmore has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains eight commits:
>>
>> - Address codereview comments
>> - Merge branch 'master' into JDK-8267485
>> - Merge branch 'master' into JDK-8267485
>> - Merge branch 'master' into JDK-8267485
>> - Replace missing annotation
>> - Merge branch 'master' into JDK-8267485
>> - Updated copyright date.
>> - 8267485: Remove the dependency on SecurityManager in JceSecurityManager.java
>
> src/java.base/share/classes/javax/crypto/JceSecurityManager.java line 111:
>
>> 109: Option.RETAIN_CLASS_REFERENCE)
>> 110: .walk((s) -> s.collect(Collectors.toList())));
>> 111:
>
> Note: StackWalker is a stateless capability object. It's not the walk() method that requires a permission, but the creation of the StackWalker itself (hence my suggestion to create it in the constructor, or in a static initializer). If you walk the stack from within a doPrivileged call then the doPrivileged frame will appear in the returned `List<StackFrame>`; this may (or may not) be OK - depending on the logic that processes the stack.
>
> You could consider simplifying:
>
>
> PrivilegedAction<StackWalker> pa = () -> StackWalker.getInstance(Option.RETAIN_CLASS_REFERENCE);
> final List<StackFrame> stack = AccessController.doPrivileged(pa).walk(Stream::toList);

Thanks. I was going to step through this code more thoroughly today; hopefully I would have caught that.

This code is only needed in certain deployment and Cipher creation situations, so I would rather not create a static CodeWalker that is not normally used.
-------------
PR: https://git.openjdk.java.net/jdk/pull/4150
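
The placement point raised in the review, as an added example that is not part of the original message or of the JDK change: the walker is created on demand (not in a static initializer), and only its creation is wrapped in doPrivileged. The class and method names (`WalkerPlacement`, `walkInside`, `walkOutside`, `dump`) are hypothetical; running it prints both stacks so the frames contributed by the privileged call can be compared.

```java
import java.lang.StackWalker.Option;
import java.lang.StackWalker.StackFrame;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.List;
import java.util.stream.Collectors;

// Added illustration; class and method names are hypothetical, not JDK code.
@SuppressWarnings("removal") // AccessController is deprecated for removal since JDK 17
public class WalkerPlacement {

    // Creation AND walk inside doPrivileged: the walk starts below the
    // privileged call, so those frames are part of the captured list.
    static List<StackFrame> walkInside() {
        PrivilegedAction<List<StackFrame>> pa = () ->
            StackWalker.getInstance(Option.RETAIN_CLASS_REFERENCE)
                       .walk(s -> s.collect(Collectors.toList()));
        return AccessController.doPrivileged(pa);
    }

    // Only the creation is privileged. doPrivileged has already returned
    // when walk() runs, so the list starts at this method's own frame.
    static List<StackFrame> walkOutside() {
        PrivilegedAction<StackWalker> pa =
            () -> StackWalker.getInstance(Option.RETAIN_CLASS_REFERENCE);
        return AccessController.doPrivileged(pa)
                               .walk(s -> s.collect(Collectors.toList()));
    }

    // Print declaring class and method for each captured frame.
    static void dump(String label, List<StackFrame> frames) {
        System.out.println(label);
        for (StackFrame f : frames) {
            System.out.println("  " + f.getDeclaringClass().getName()
                    + "." + f.getMethodName());
        }
    }

    public static void main(String[] args) {
        dump("walk inside doPrivileged:", walkInside());
        dump("walk after doPrivileged returns:", walkOutside());
    }
}
```

Any logic that identifies a caller by its position in the returned list has to account for the extra frames in the first variant.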