Theoretical data race on java.util.logging.Handler.sealed
mandy.chung at oracle.com
Wed Dec 18 22:55:30 UTC 2013
On 12/18/2013 9:03 AM, Peter Levart wrote:
> Hi Mandy, Daniel,
> Here's yet another variant that reduces the doPrivileged code to just
> Handler's setters. This way no LogManager methods are invoked under
> elevated privilege:
This version looks good. I like the refactoring to have the subclass to
call the common code Handler.configure method. It may be better to have
the configure method (or a new one) that takes the default Level and
default Formatter instead of the package-private getters.
I don't see why the handler constructors are designed to call the
overridden methods rather than the initialization and if a subclass has
its custom field, it should initialize its custom fields in its
constructor implementation. Anyway this would be a separate clean up
task from this one.
Can you also add a sanity test to verify that these handlers can be
constructed successfully with a security manager installed?
More information about the core-libs-dev