RFR: 8283092: JMX subclass permission check redundant with strong encapsulation
Daniel Fuchs
dfuchs at openjdk.java.net
Wed Mar 16 15:18:51 UTC 2022
On Tue, 15 Mar 2022 20:22:16 GMT, Kevin Walls <kevinw at openjdk.org> wrote:
> Removing permission checks which, in the presence of a Security Manager, would check for a RuntimePermission "className.subclass". This was to prevent subclassing these classes, but is no longer necessary with strong encapsulation from modules.
Marked as reviewed by dfuchs (Reviewer).
src/java.management/share/classes/sun/management/spi/PlatformMBeanProvider.java line 233:
> 231: }
> 232: return null;
> 233: }
I have verified in module-info.java that sun.management.spi is only conditionally exported so I agree that the explicit permission check can now be removed.
src/jdk.management.agent/share/classes/jdk/internal/agent/spi/AgentProvider.java line 35:
> 33:
> 34: /**
> 35: * Instantiates a new AgentProvider.
This class should probably be removed altogether. I see that you logged [JDK-8283254](https://bugs.openjdk.java.net/browse/JDK-8283254) so this is fine.
-------------
PR: https://git.openjdk.java.net/jdk/pull/7827
More information about the security-dev
mailing list