Theoretical data race on java.util.logging.Handler.sealed
peter.levart at gmail.com
Wed Dec 18 17:03:49 UTC 2013
On 12/17/2013 06:43 PM, Mandy Chung wrote:
> Can you check what methods are called by the constructors whose access
> are denied in the current implementation but granted in the patch? I
> have to take another look to make sure but I believe they only calls
> the methods in the handler classes that calls Handler.checkPermission.
Hi Mandy, Daniel,
Here's yet another variant that reduces the doPrivileged code to just
Handler's setters. This way no LogManager methods are invoked under
I also factored-out common code into a single package-private
Handler.configure() method + two package-private getters that provide
this method with different defaults for different Handler subclasses.
configure() is in this variant called only in immediate Handler
subclasses: MemoryHandler & StreamHandler and not in SocketHandler or
ConsoleHandler. Each property is only set once this way at construction
time - current code sets each property twice in SocketHandler or
SocketHandler's output stream is set with privileged action in both
cases: whether constructed with configured or specified host/port.
More information about the core-libs-dev