Details
-
Bug
-
Resolution: Unresolved
-
P3
-
19
Description
This issue concerns the security manager permission checks specified by the ExecutorService (ES) shutdown, shutdownNow and close methods.
The permission checks specified by the shutdown and shutdownNow methods date from Java 5. The close method is new for Java 19, added as a default method that uses shutdown and so needs to specify the same permission checks as the shutdown method.
The permission checks work for ThreadPoolExecutor (TPE). The TPE implementation checks RuntimePermission("modifyThread") and does a SM.checkAccess for each worker thread in the pool. TPE also has a lock so it can coordinate the calls to SM.checkAccess with the starting of new worker threads.
The permission checks aren't good for ForkJoinPool (FJP). It specifies the shutdown and shutdowNow methods to only check RuntimePermission("modifyThread"). Unfortunately, its close method (new in 19) doesn't override the spec to specify that it only checks RuntimePermission("modifyThread").
The new thread-per-task executor returned by Executors.newTheradPerTaskExecutor (new preview API in 19) is similar to FJP in that it only checks RuntimePermission("modifyThread"). The implementation class isn't exposed in the API and the factory method to obtain the ES implementation does not specify that it only checks this one permission.
This issue tracks aligning the javadoc with the implementations so that:
1. ForkJoinPool.close specifies the same permission check as FJP.shutdown and shutdownNow.
2. Executors.newThreadPerTaskExecutor specifies that the shutdown, shutdownNow and close methods can throw SecurityException if the security manager denies RuntimePermission("modifyThread").
The permission checks specified by the shutdown and shutdownNow methods date from Java 5. The close method is new for Java 19, added as a default method that uses shutdown and so needs to specify the same permission checks as the shutdown method.
The permission checks work for ThreadPoolExecutor (TPE). The TPE implementation checks RuntimePermission("modifyThread") and does a SM.checkAccess for each worker thread in the pool. TPE also has a lock so it can coordinate the calls to SM.checkAccess with the starting of new worker threads.
The permission checks aren't good for ForkJoinPool (FJP). It specifies the shutdown and shutdowNow methods to only check RuntimePermission("modifyThread"). Unfortunately, its close method (new in 19) doesn't override the spec to specify that it only checks RuntimePermission("modifyThread").
The new thread-per-task executor returned by Executors.newTheradPerTaskExecutor (new preview API in 19) is similar to FJP in that it only checks RuntimePermission("modifyThread"). The implementation class isn't exposed in the API and the factory method to obtain the ES implementation does not specify that it only checks this one permission.
This issue tracks aligning the javadoc with the implementations so that:
1. ForkJoinPool.close specifies the same permission check as FJP.shutdown and shutdownNow.
2. Executors.newThreadPerTaskExecutor specifies that the shutdown, shutdownNow and close methods can throw SecurityException if the security manager denies RuntimePermission("modifyThread").