-
Enhancement
-
Resolution: Fixed
-
P3
-
None
-
b14
Permissions for each JAR file shipped in the JDK's extension directory will be explicitly granted with all permission initially. This will allow each component team to identify minimum permissions required by each component and update the java.policy file accordingly. New tests will possibly be developed in this privilege separation effort.
The default policy for extensions is configured in the java.policy and it's granted with all permissions by default as specified in: http://docs.oracle.com/javase/8/docs/technotes/guides/extensions/spec.html. Customers installing libraries on extensions that require all permissions will need to update the java.policy for JDK 9 to explicitly specify that.
- relates to
-
JDK-4215035 standard extensions path is hard-coded in default system policy file
-
- Resolved
-
-
JDK-8042868 Add lib/ext/jfxrt.jar to java.policy file
-
- Closed
-
-
JDK-8043277 Update jdk regression tests to extend the default security policy instead of override
-
- Resolved
-
-
CODETOOLS-7900898 Provide jtreg policy option that doesn't override system policy
-
- Resolved
-
-
JDK-8043406 Change default policy for JCE providers to run with as few privileges as possible
-
- Resolved
-
-
JDK-8075706 Policy implementation does not allow policy.provider to be on the class path
-
- Closed
-
-
JDK-8043419 Test lib/security/java.policy/Ext_AllPolicy.sh fails against JDK 9 compiler upgrade build
-
- Closed
-
-
JDK-8159752 Grant de-privileged module permissions by default with java.security.policy override option
-
- Closed
-
-
JDK-4287267 Subdivide the "system security domain".
-
- Closed
-
- links to