-
Enhancement
-
Resolution: Fixed
-
P2
-
9
-
b38
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8085132 | emb-9 | Mandy Chung | P2 | Resolved | Fixed | team |
jtreg policy=test.policy overrides the system policy file. Thus most of the custom policy files for existing tests copy the system's policy and grants the permissions for the test.
JDK-8040059 changes the default permission for extensions from AllPermission to no permission. It also individually grants the least permissions to each JAR file in jre/lib/ext. All custom policy files that explicitly grant "java.ext.dirs" codesource with AllPermissions should be updated.
There may be further changes to system policy file when more system classes are reduced their privileges.
In addition, it's TBD whether the system policy will be modified for Jigsaw. This RFE should take future system policy changes into account.
The recommendation is to update the tests to extend the system policy file in the same way as -Djava.security.policy=test.policy so that tests can grant permissions for the tests and not impacted with any change in the system policy. SeeCODETOOLS-7900898 for an enhancement request to jtreg harness.
There may be further changes to system policy file when more system classes are reduced their privileges.
In addition, it's TBD whether the system policy will be modified for Jigsaw. This RFE should take future system policy changes into account.
The recommendation is to update the tests to extend the system policy file in the same way as -Djava.security.policy=test.policy so that tests can grant permissions for the tests and not impacted with any change in the system policy. See
- backported by
-
JDK-8085132 Update jdk regression tests to extend the default security policy instead of override
-
- Resolved
-
- relates to
-
-
- Resolved
-
-
JDK-8060088 com/sun/tracing/BasicWithSecurityMgr.java fails with modular image with java.security.AccessControlException
-
- Resolved
-
-
-
- Resolved
-