RFR: JDK-8288475: Initializing RandomGeneratorFactory.FactoryMapHolder fails if a SecurityManager is installed
Johannes Kuhn
jkuhn at openjdk.org
Fri Jun 17 06:54:49 UTC 2022
On Fri, 17 Jun 2022 06:47:59 GMT, Jaikiran Pai <jpai at openjdk.org> wrote:
>> * This adds additional permissions to the jdk.random module (`RuntimePermission "accessClassInPackage.jdk.internal.util.random"`)
>> * The annotations of the provider classes are now parsed early.
>> This avoids putting the parts that can trigger the parsing into an `AccessController.doPrivileged()` block.
>> * If a `SecurityManager` is installed, `RandomGeneratorFactory.all()` will only return `RandomGenerator`s that are loaded by a system domain loader.
>> This avoids parsing annotations of user classes from a privileged context.
>
> src/java.base/share/classes/java/util/random/RandomGeneratorFactory.java line 165:
>
>> 163: onlyBuiltIn = p -> VM.isSystemDomainLoader(p.type().getClassLoader());
>> 164: } else {
>> 165: onlyBuiltIn = p -> true;
>
> Should this variable be renamed to something else? Because right now it does the opposite of it's name. i.e. When `onlyBuiltIn` is set to `true`, like here, the code a few lines below which filters the stream accepts all `RandomGeneratorFactory` implementations that have been found.
Good idea. Naming is hard - and I don't have a good name. Maybe `allowType`?
On second thought, I could change it to `Stream<...> s = ...; if (...) {s = s.filter(...)}`.
-------------
PR: https://git.openjdk.org/jdk/pull/9180
More information about the security-dev
mailing list