RFR: 8283092: JMX subclass permission check redundant with strong encapsulation

Kevin Walls kevinw at openjdk.java.net
Wed Mar 16 21:31:45 UTC 2022


On Wed, 16 Mar 2022 15:14:53 GMT, Daniel Fuchs <dfuchs at openjdk.org> wrote:

>> Removing permission checks which, in the presence of a Security Manager, would check for a RuntimePermission "className.subclass".  This was to prevent subclassing these classes, but is no longer necessary with strong encapsulation from modules.
>
> src/java.management/share/classes/sun/management/spi/PlatformMBeanProvider.java line 233:
> 
>> 231:         }
>> 232:         return null;
>> 233:     }
> 
> I have verified in module-info.java that sun.management.spi is only conditionally exported so I agree that the explicit permission check can now be removed.

thanks

> src/jdk.management.agent/share/classes/jdk/internal/agent/spi/AgentProvider.java line 35:
> 
>> 33: 
>> 34:     /**
>> 35:      * Instantiates a new AgentProvider.
> 
> This class should probably be removed altogether. I see that you logged [JDK-8283254](https://bugs.openjdk.java.net/browse/JDK-8283254) so this is fine.

Thanks Daniel - yes will get rid of this class soon, I'll keep these two actions in separate changes. 8-)

-------------

PR: https://git.openjdk.java.net/jdk/pull/7827



More information about the security-dev mailing list