RFR: 8267485: Remove the dependency on SecurityManager in JceSecurityManager.java [v4]
Mandy Chung
mchung at openjdk.java.net
Fri Jun 4 16:42:59 UTC 2021
On Fri, 4 Jun 2021 10:14:21 GMT, Daniel Fuchs <dfuchs at openjdk.org> wrote:
>> src/java.base/share/classes/javax/crypto/JceSecurityManager.java line 109:
>>
>>> 107: @SuppressWarnings("removal")
>>> 108: List<StackFrame> stack =
>>> 109: AccessController.doPrivileged(pa).walk(Stream::toList);
>>
>> You can replace line 108-125 with something like this:
>>
>> StackWalker walker = AccessController.doPrivileged(pa);
>> Optional<URL> callerCodeBase = walker.walk(s -> {
>> s.map(f -> JceSecurity.getCodeBase(f.getDeclaringClass()))
>> .findFirst();
>> });
>
> @mlchung Maybe there should be a `.filter(cb -> cb != null)` inserted before `.findFirst()`?
Daniel is right and it needs the filter to find the first non-null code base.
-------------
PR: https://git.openjdk.java.net/jdk/pull/4150
More information about the security-dev
mailing list