-
CSR
-
Resolution: Approved
-
P2
-
low
-
-
Java API
-
SE
Summary
Deprecate pre-1.2 SecurityManager methods and fields with forRemoval=true.
Problem
Several deprecated methods and fields in SecurityManager are only for use in SecurityManager implementations prior to JDK 1.2. Each of them have been deprecated since JDK 1.2 and should not be used in modern implementations. They should be marked with forRemoval=true to indicate they will be removed in a subsequent JDK major release. It is no longer necessary to retain support for pre-1.2 SecurityManager implementations and removing these methods will clean up the SecurityManager class and eliminate the potential for them to be used incorrectly or insecurely. A migration guide discussing how to replace the old methods has also been available since the JDK 1.2 timeframe: http://docs.oracle.com/javase/7/docs/technotes/guides/security/smPortGuide.html#HowToPort
Solution
Add forRemoval=true to the Deprecated annotation for the inCheck field, and the getInCheck, classDepth, classLoaderDepth, currentClassLoader, currentLoadedClass, inClass, and inClassLoader methods.
The checkMemberAccess method is also a pre-1.2 deprecated method, but it has already been marked with forRemoval=true as part of JDK-8145468.
Specification
--- old/src/java.base/share/classes/java/lang/SecurityManager.java 2016-07-25 08:07:55.504355118 -0400
+++ new/src/java.base/share/classes/java/lang/SecurityManager.java 2016-07-25 08:07:55.208355126 -0400
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1995, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -227,9 +227,10 @@
*
* @deprecated This type of security checking is not recommended.
* It is recommended that the <code>checkPermission</code>
- * call be used instead.
+ * call be used instead. This field is subject to removal in a
+ * future version of Java SE.
*/
- @Deprecated(since="1.2")
+ @Deprecated(since="1.2", forRemoval=true)
protected boolean inCheck;
/*
@@ -260,9 +261,10 @@
* @see java.lang.SecurityManager#inCheck
* @deprecated This type of security checking is not recommended.
* It is recommended that the <code>checkPermission</code>
- * call be used instead.
+ * call be used instead. This method is subject to removal in a
+ * future version of Java SE.
*/
- @Deprecated(since="1.2")
+ @Deprecated(since="1.2", forRemoval=true)
public boolean getInCheck() {
return inCheck;
}
@@ -340,12 +342,13 @@
*
* @deprecated This type of security checking is not recommended.
* It is recommended that the <code>checkPermission</code>
- * call be used instead.
+ * call be used instead. This method is subject to removal in a
+ * future version of Java SE.
*
* @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader
* @see #checkPermission(java.security.Permission) checkPermission
*/
- @Deprecated(since="1.2")
+ @Deprecated(since="1.2", forRemoval=true)
protected ClassLoader currentClassLoader() {
ClassLoader cl = currentClassLoader0();
if ((cl != null) && hasAllPermission())
@@ -386,12 +389,13 @@
*
* @deprecated This type of security checking is not recommended.
* It is recommended that the <code>checkPermission</code>
- * call be used instead.
+ * call be used instead. This method is subject to removal in a
+ * future version of Java SE.
*
* @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader
* @see #checkPermission(java.security.Permission) checkPermission
*/
- @Deprecated(since="1.2")
+ @Deprecated(since="1.2", forRemoval=true)
protected Class<?> currentLoadedClass() {
Class<?> c = currentLoadedClass0();
if ((c != null) && hasAllPermission())
@@ -408,10 +412,10 @@
* <code>-1</code> if such a frame cannot be found.
* @deprecated This type of security checking is not recommended.
* It is recommended that the <code>checkPermission</code>
- * call be used instead.
- *
+ * call be used instead. This method is subject to removal in a
+ * future version of Java SE.
*/
- @Deprecated(since="1.2")
+ @Deprecated(since="1.2", forRemoval=true)
protected native int classDepth(String name);
/**
@@ -444,12 +448,13 @@
*
* @deprecated This type of security checking is not recommended.
* It is recommended that the <code>checkPermission</code>
- * call be used instead.
+ * call be used instead. This method is subject to removal in a
+ * future version of Java SE.
*
* @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader
* @see #checkPermission(java.security.Permission) checkPermission
*/
- @Deprecated(since="1.2")
+ @Deprecated(since="1.2", forRemoval=true)
protected int classLoaderDepth() {
int depth = classLoaderDepth0();
if (depth != -1) {
@@ -472,9 +477,10 @@
* name is on the execution stack; <code>false</code> otherwise.
* @deprecated This type of security checking is not recommended.
* It is recommended that the <code>checkPermission</code>
- * call be used instead.
+ * call be used instead. This method is subject to removal in a
+ * future version of Java SE.
*/
- @Deprecated(since="1.2")
+ @Deprecated(since="1.2", forRemoval=true)
protected boolean inClass(String name) {
return classDepth(name) >= 0;
}
@@ -488,10 +494,11 @@
*
* @deprecated This type of security checking is not recommended.
* It is recommended that the <code>checkPermission</code>
- * call be used instead.
+ * call be used instead. This method is subject to removal in a
+ * future version of Java SE.
* @see #currentClassLoader() currentClassLoader
*/
- @Deprecated(since="1.2")
+ @Deprecated(since="1.2", forRemoval=true)
protected boolean inClassLoader() {
return currentClassLoader() != null;
}- csr for
-
JDK-8161506 Deprecate pre-1.2 SecurityManager methods and fields with forRemoval=true
-
- Closed
-