JEP 411: Deprecation with removal would break most existing Java libraries
Peter Firmstone
peter.firmstone at zeus.net.au
Sun Jun 20 03:58:24 UTC 2021
On 16/06/2021 11:18 pm, David Lloyd wrote:
>> There are already issues with Permission implementations, take for
>> example SocketPermission, it consults DNS and it isn't possible to enter
>> a range of IP addresses (such as the local subnet, and a list of public
>> IP addresses), for now, every single IP address must be entered and this
>> isn't practical. The proposed API would allow us to re-implement
>> SocketPermission functionality, as well as other Permission implementations.
> Sure, this would be nice to clean up.
What the above example enhances:
* Generation of policy files during integration testing.
* Specifying Properties, to replace local information contained in URL
and file paths, for later policy expansion.
* In this specific case, I could substitute an IP address with a
property that specified an allowed subnet mask, this would
automatically expand the SocketPermission to the local subnet, and
it would shrink the size of the generated policy file by eliminating
other SocketPermission grants to IP addresses on the subnet.
--
Regards,
Peter Firmstone
Zeus Project Services Pty Ltd.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20210620/c63d2398/attachment.htm>
More information about the security-dev
mailing list