PrivilegedAction et al and JEP411
Peter Firmstone
peter.firmstone at zeus.net.au
Sun Jun 18 01:28:42 UTC 2023
Curious to know OpenJDK's plans for removal of
AccessController::doPrivileged calls?
PrivilegedAction shows intent, that an action about to be executed
requires privileges.
Can OpenJDK retain instances of PrivilegedAction and
PrivilegedExceptionAction?
We can find PrivilegedAction::run in stack walks to capture this intent.
We can also instrument the run method, to call our own Authorization
framework.
https://github.com/pfirmstone/HighPerformanceSecurity/blob/main/HPS/src/main/java/au/net/zeus/auth/Authorization.java
https://github.com/opensearch-project/OpenSearch/issues/1687
--
Regards,
Peter
More information about the security-dev
mailing list