-
Type:
Bug
-
Resolution: Fixed
-
Priority:
P4
-
Affects Version/s: 1.2.0, 1.3.0
-
Component/s: security-libs
-
None
-
beta2
-
generic
-
generic
The default system policy file (in jre/lib/security/java.policy)
grants all permissions to standard extensions, as follows:
grant codeBase "file:${java.home}/lib/ext/*" {
permission java.security.AllPermission;
};
This uses a hardcoded path to the extensions directory, which users could change
by setting the "java.ext.dirs" system property.
Therefore, the above "grant" statement should be changed to:
grant codeBase "file:${java.ext.dirs}/*" {
permission java.security.AllPermission;
};
grants all permissions to standard extensions, as follows:
grant codeBase "file:${java.home}/lib/ext/*" {
permission java.security.AllPermission;
};
This uses a hardcoded path to the extensions directory, which users could change
by setting the "java.ext.dirs" system property.
Therefore, the above "grant" statement should be changed to:
grant codeBase "file:${java.ext.dirs}/*" {
permission java.security.AllPermission;
};
- duplicates
-
-
- Closed
-
- relates to
-
-
- Resolved
-
-
JDK-8040059 Change default policy for extensions to no permission
-
- Resolved
-