-
Bug
-
Resolution: Fixed
-
P3
-
9
-
b142
-
generic
-
generic
-
Verified
Jlink tool can be invoked via java.util.ToolProvider API. When a sandboxed code uses this, it will get security exception - on first attempt to read a System property or read/write a file [by jlink tool code - as jlink module is assigned to application loader with sandbox permissions by standard security policy]
But, it is better if explicit JlinkPermission check is done upfront and clear access control exception is thrown at the start. Also, we need a test to make sure jlink throws security exception when used from sandboxed code.
But, it is better if explicit JlinkPermission check is done upfront and clear access control exception is thrown at the start. Also, we need a test to make sure jlink throws security exception when used from sandboxed code.