RFR: JDK-8068682 - Deprivilege/move java.corba to the ext class loader
Mandy Chung
mandy.chung at oracle.com
Sun Feb 8 06:58:57 UTC 2015
On 2/7/2015 5:10 PM, David Holmes wrote:
> On 7/02/2015 4:55 AM, Mark Sheppard wrote:
>> Hi
>> please oblige and review the following changes
>> http://cr.openjdk.java.net/~msheppar/8068682/webrev/
>> http://cr.openjdk.java.net/~msheppar/8068682/corba/webrev/
>>
>> which address the issue in
>> https://bugs.openjdk.java.net/browse/JDK-8068682
>>
>> this change means CORBA ORB is loaded by the extension class loader and
>> no longer has has its former privilege of system code.
>
> Just curious but under the pre-module extension mechanism installed
> extensions had full system privileges by default[1]:
>
> "By default, installed optional packages in this standard directory
> are trusted. That is, they are granted the same privileges as if they
> were core platform classes (those in rt.jar). This default privilege
> is specified in the system policy file (in
> <java-home>/jre/lib/security/java.policy), but can be overridden for a
> particular optional package by adding the appropriate policy file
> entry (see Permissions in the JDK)."
>
> Does this mean that under the module system, things associated with
> the Ext loader now need explicit policy entries in all cases?
The default policy for the extensions was changed to no permission in
JDK 9 b14:
https://bugs.openjdk.java.net/browse/JDK-8040059
http://mail.openjdk.java.net/pipermail/core-libs-dev/2014-April/026575.html
Each component can further be deprivileged to the minimum set of
permission like the recent change to JAX-WS, JAXB modules which are now
only granted with specific permissions rather than all permissions:
http://mail.openjdk.java.net/pipermail/core-libs-dev/2015-January/031023.html
Mark's patch is first to move it out from the boot loader to the ext
class loader. Identifying the permissions required by corba requires
more effort and not straight-forward. So it's granted with
AllPermissions for now and reduce the permission set in the future.
Mandy
>
> Thanks,
> David
>
> [1]
> https://docs.oracle.com/javase/8/docs/technotes/guides/extensions/spec.html
>
>> as an interim measure corba is afforded all permissions privilege.
>> this will be reduced in coming iterations.
>>
>> regards
>> Mark
More information about the core-libs-dev
mailing list