Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8168091

jlink should check security permission early when programmatic access is used

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: P3 P3
    • 9
    • 9
    • tools
    • b142
    • generic
    • generic
    • Verified

      Jlink tool can be invoked via java.util.ToolProvider API. When a sandboxed code uses this, it will get security exception - on first attempt to read a System property or read/write a file [by jlink tool code - as jlink module is assigned to application loader with sandbox permissions by standard security policy]

      But, it is better if explicit JlinkPermission check is done upfront and clear access control exception is thrown at the start. Also, we need a test to make sure jlink throws security exception when used from sandboxed code.

            sundar Sundararajan Athijegannathan
            sundar Sundararajan Athijegannathan
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: