RFR: 8353642: Deprecate networking permission classes for removal [v2]
Daniel Fuchs
dfuchs at openjdk.org
Fri Apr 11 11:34:33 UTC 2025
On Fri, 11 Apr 2025 11:10:10 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
>> src/java.base/share/classes/java/security/CodeSource.java line 468:
>>
>>> 466: }
>>> 467: @SuppressWarnings("removal")
>>> 468: var result = this.sp.implies(that.sp);
>>
>> Will we need to rewrite this code without SocketPermissions? Can we remove it, maybe? It is only used by CodeSource.implies, which is not used by the JDK (but may be used elsewhere).
>
> also the JavaDoc of the implies method references the SocketPermission. That will also need to be cleaned up at some point.
That will be left over for someone in security-libs to cleanup this code at their convenience before we remove SocketException.
Hmmm... If the public API references SocketException we might have to deprecate in this PR too. Not sure what the implications are. Maybe @seanjmullan can advise.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24592#discussion_r2039353439
More information about the security-dev
mailing list