Low level hooks in JDK for instrumentation of permission checks.
Sean Mullan
sean.mullan at oracle.com
Wed Jun 9 15:07:33 UTC 2021
On 6/8/21 9:35 PM, Peter Firmstone wrote:
> I would also like to request that all JDK modules be given
> ProtectionDomain's following SecurityManager deprecation. Currently some
> modules have null ProtectionDomain's to show they have AllPermission.
> However we don't grant AllPermission to code in practise, we like to
> grant certain Permission's to Principal's, not code, where the Principal
> is the source of data, indicating the user has been authenticated and we
> only grant what's necessary and no more.
As described in JEP 411, there are no plans to deprecate
ProtectionDomain at this time.
--Sean
More information about the security-dev
mailing list