RFR: 8272317: jstatd has dependency on Security Manager which needs to be removed
Bernd Eckenfels
ecki at zusammenkunft.net
Wed Dec 22 19:10:23 UTC 2021
Hello,
Is it safe to allow generic proxy objects, could they not execute arbritrary backend methods? Are the invocation handlers filtered indirectly?
What about those inner classes, are they stable? Could the whole protocol maybe changed to a different protocol?
Gruss
Bernd
--
http://bernd.eckenfels.net
________________________________
Von: serviceability-dev <serviceability-dev-retn at openjdk.java.net> im Auftrag von Kevin Walls <kevinw at openjdk.java.net>
Gesendet: Wednesday, December 22, 2021 7:22:26 PM
An: serviceability-dev at openjdk.java.net <serviceability-dev at openjdk.java.net>
Betreff: RFR: 8272317: jstatd has dependency on Security Manager which needs to be removed
Remove the use of Security Manager from jstatd.
Add use of an ObjectInputFilter to restrict RMI.
Also we can undo the property-setting Launcher.gmk change from: 8279007: jstatd fails to start because SecurityManager is disabled
..as that is no longer needed.
Docs/man page update to follow (JDK-8278619).
-------------
Commit messages:
- Remove jstad launcher property setting to allow Security Manager.
- Merge remote-tracking branch 'upstream/master' into 8272317_jstatd_secmgr
- Add ObjectInputFilter
- Merge remote-tracking branch 'upstream/master' into 8272317_jstatd_secmgr
- 8272317: jstatd has dependency on Security Manager which needs to be removed
Changes: https://git.openjdk.java.net/jdk/pull/6919/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=6919&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8272317
Stats: 27 lines in 4 files changed: 4 ins; 15 del; 8 mod
Patch: https://git.openjdk.java.net/jdk/pull/6919.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/6919/head:pull/6919
PR: https://git.openjdk.java.net/jdk/pull/6919
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.java.net/pipermail/serviceability-dev/attachments/20211222/dfe85dab/attachment-0001.htm>
More information about the serviceability-dev
mailing list