RFR: 8333344: JMX attaching of Subject does not work when security manager not allowed [v6]
Kevin Walls
kevinw at openjdk.org
Fri Jun 14 13:32:35 UTC 2024
On Wed, 12 Jun 2024 20:52:51 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Kevin Walls has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Undo test policy updates
>
> src/java.management/share/classes/javax/management/monitor/Monitor.java line 1543:
>
>> 1541: // No SecurityManager:
>> 1542: Subject.doAs(s, action); // s is permitted to be null
>> 1543: } else {
>
> Even though ac should never be null, I would keep the original check for ac == null inside the SM code path to be safe and consistent with the original code, and use only call doAs if allowSM is false, so like:
>
>
> if (!SharedSecrets.getJavaLangAccess().allowSecurityManager()) {
> // No SecurityManager:
> Subject.doAs(s, action); // s is permitted to be null
> } else {
> if (ac == null) {
> throw new SecurityException("AccessControlContext cannot be null");
> }
> // ACC means SM is permitted.
> AccessController.doPrivileged(action, ac);
> }
ok done!
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/19624#discussion_r1639833457
More information about the serviceability-dev
mailing list