RFR: JDK-8288475: Initializing RandomGeneratorFactory.FactoryMapHolder fails if a SecurityManager is installed
Johannes Kuhn
jkuhn at openjdk.java.net
Thu Jun 16 07:31:35 UTC 2022
* This adds additional permissions to the jdk.random module (`RuntimePermission "accessClassInPackage.jdk.internal.util.random"`)
* The annotations of the provider classes are now parsed early.
This avoids putting the parts that can trigger the parsing into an `AccessController.doPrivileged()` block.
* If a `SecurityManager` is installed, `RandomGeneratorFactory.all()` will only return `RandomGenerator`s that are loaded by a system domain loader.
This avoids parsing annotations of user classes from a privileged context.
-------------
Commit messages:
- Fix line endings
- Initial fix
Changes: https://git.openjdk.org/jdk/pull/9180/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=9180&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8288475
Stats: 70 lines in 4 files changed: 65 ins; 3 del; 2 mod
Patch: https://git.openjdk.org/jdk/pull/9180.diff
Fetch: git fetch https://git.openjdk.org/jdk pull/9180/head:pull/9180
PR: https://git.openjdk.org/jdk/pull/9180
More information about the security-dev
mailing list