-
Bug
-
Resolution: Fixed
-
P3
-
24
-
b26
The Serial Data section of Subject.SecureSet.writeObject method says:
"If this is a private credential set, a security check is performed to ensure that the caller has permission to access each credential in the set. If the security check passes, the set is serialized."
This is no longer true after the Security Manager has been permanently disabled (see JEP 486). This text should now be removed.
"If this is a private credential set, a security check is performed to ensure that the caller has permission to access each credential in the set. If the security check passes, the set is serialized."
This is no longer true after the Security Manager has been permanently disabled (see JEP 486). This text should now be removed.
- csr for
-
JDK-8344950 javax.security.auth.Subject.SecureSet.writeObject does not do a security check anymore
-
- Closed
-
- relates to
-
JDK-8338411 Implement JEP 486: Permanently Disable the Security Manager
-
- Resolved
-
- links to
-
Commit(master)
openjdk/jdk/86d527f9
-
Review(master)
openjdk/jdk/22390