-
Bug
-
Resolution: Unresolved
-
P4
-
8, 11, 17, 21
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8370011 | 8u491 | Weibing Xiao | P4 | Open | Unresolved | |
| JDK-8370009 | 17.0.19-oracle | Weibing Xiao | P4 | Open | Unresolved | |
| JDK-8370010 | 11.0.31-oracle | Weibing Xiao | P4 | Open | Unresolved |
javax.rmi.ssl.SslRMIClientSocketFactory#createSocket reads two system properties which causes failure if SecurityManager is enabled
* javax.rmi.ssl.client.enabledCipherSuites
* javax.rmi.ssl.client.enabledProtocols
The relevant code should be wrapped in an AccessController.doPrivileged block.
Exception in thread "main" java.security.AccessControlException: access denied ("java.util.PropertyPermission" "javax.rmi.ssl.client.enabledCipherSuites" "read")
at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:488)
at java.base/java.security.AccessController.checkPermission(AccessController.java:1071)
at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:411)
at java.base/java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1146)
at java.base/java.lang.System.getProperty(System.java:966)
at java.rmi/javax.rmi.ssl.SslRMIClientSocketFactory.createSocket(SslRMIClientSocketFactory.java:125)
at SslRMIClientSocketFactoryExample.main(SslRMIClientSocketFactoryExample.java:12)
applicable to JDK 21u and earlier since SM has been removed from feature code line
* javax.rmi.ssl.client.enabledCipherSuites
* javax.rmi.ssl.client.enabledProtocols
The relevant code should be wrapped in an AccessController.doPrivileged block.
Exception in thread "main" java.security.AccessControlException: access denied ("java.util.PropertyPermission" "javax.rmi.ssl.client.enabledCipherSuites" "read")
at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:488)
at java.base/java.security.AccessController.checkPermission(AccessController.java:1071)
at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:411)
at java.base/java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1146)
at java.base/java.lang.System.getProperty(System.java:966)
at java.rmi/javax.rmi.ssl.SslRMIClientSocketFactory.createSocket(SslRMIClientSocketFactory.java:125)
at SslRMIClientSocketFactoryExample.main(SslRMIClientSocketFactoryExample.java:12)
applicable to JDK 21u and earlier since SM has been removed from feature code line
- backported by
-
JDK-8370009 SslRMIClientSocketFactory#createSocket lacking priviledges (securitymanger)
-
- Open
-
-
-
- Open
-
-
-
- Open
-