[JDK-8049247] Redundant permission checks when creating ClassLoaders - Java Bug System

XML

Word

Printable

Details

Type: Enhancement
Status: Closed
Priority: P4
Resolution: Duplicate
Affects Version/s: None
Fix Version/s: tbd_major
Component/s: security-libs
Labels:

Subcomponent:
java.security

Description

The subclasses of ClassLoader (SecureClassLoader, URLClassLoader) perform a redundant "createClassLoader" permission check:

    protected SecureClassLoader() {
        super();
        // this is to make the stack depth consistent with 1.1
        SecurityManager security = System.getSecurityManager();
        if (security != null) {
            security.checkCreateClassLoader();
        }
        initialized = true;
    }

ClassLoader() already performs the check, so SecureClassLoader does 1 xtra check, and URLClassLoader does 2.

Attachments

Issue Links

duplicates

JDK-6899533 SecureClassLoader and URLClassLoader have unnecessary check for createClassLoader permission

Closed

Activity

People

Assignee:: Weijun Wang

Reporter:: Sean Mullan

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2014-07-03 05:49

Updated:: 2017-05-16 17:46

Resolved:: 2017-04-10 06:09