RFR: 8302819: Remove JAR Index
Jaikiran Pai
jpai at openjdk.org
Tue Mar 28 17:57:45 UTC 2023
On Thu, 23 Mar 2023 15:31:31 GMT, Eirik Bjorsnos <duke at openjdk.org> wrote:
> > I don't think we should be exporting that package. Instead, the `JarIndex` class can be updated to do `AccessController.doPrivileged(...)`.
>
> Nice, I'll try that!
>
> Do you know if the `jar` tool allows running with a `SecurityManager`? If not, we could perhaps simply use `System.getProperty`?
I had a look at the existing code in the jar tool. It appears that it doesn't run with a SecurityManager - there's direct calls to `System.getProperty()` in some places in the code. So I think just calling `System.getProperty()` should be fine. When this PR goes into a published state for review, I'm sure others who have more knowledge about this area will help decide.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/13158#issuecomment-1482267543
More information about the security-dev
mailing list