RFR: 8168313: Tighten permissions granted to jdk.crypto.pkcs11 module

Anthony Scarpino anthony.scarpino at oracle.com
Thu Oct 20 23:37:20 UTC 2016


On 10/20/2016 08:22 AM, Sean Mullan wrote:
> Please review this change to tighten or remove unnecessary permissions
> granted to the jdk.crypto.pkcs11 module:
>
> http://cr.openjdk.java.net/~mullan/webrevs/8168313/webrev.00/
> https://bugs.openjdk.java.net/browse/JDK-8168313
>
> In doing so, I refactored the code a little to not use
> sun.security.action APIs and was able to remove a qualified export from
> java.base. I also moved the reading of the os.name and os.arch system
> properties inside a doPrivileged block just in case the caller(s) do not
> have permission to read them.
>
> --Sean

Change looks good to me.

Tony



More information about the security-dev mailing list