RFR: 8351349: GSSUtil.createSubject has outdated access control context and policy related text
Sean Mullan
mullan at openjdk.org
Mon Mar 10 17:20:41 UTC 2025
Please review this change to remove outdated access control context and policy related text from the `com.sun.security.jgss.GSSUtil` class which no longer applies now that JEP 486 disabled the Security Manager. I have removed the text and not tried to replace it. I think it is better to keep the method description simple and not assume what a server might do with the subject, such as using it to impersonate a client.
I also made a few other minor changes, adding code tags around class names and changing "Sun Microsystem's" to "the JDK" in the class description.
I will also file a CSR.
-------------
Commit messages:
- Initial changes.
Changes: https://git.openjdk.org/jdk/pull/23970/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=23970&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8351349
Stats: 26 lines in 1 file changed: 1 ins; 4 del; 21 mod
Patch: https://git.openjdk.org/jdk/pull/23970.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/23970/head:pull/23970
PR: https://git.openjdk.org/jdk/pull/23970
More information about the security-dev
mailing list