RFR: 8168313: Tighten permissions granted to jdk.crypto.pkcs11 module

Sean Mullan sean.mullan at oracle.com
Thu Oct 20 15:22:16 UTC 2016

Please review this change to tighten or remove unnecessary permissions 
granted to the jdk.crypto.pkcs11 module:


In doing so, I refactored the code a little to not use 
sun.security.action APIs and was able to remove a qualified export from 
java.base. I also moved the reading of the os.name and os.arch system 
properties inside a doPrivileged block just in case the caller(s) do not 
have permission to read them.


More information about the security-dev mailing list