-
Bug
-
Resolution: Unresolved
-
P4
-
8, 11, 17, 21
javax.rmi.ssl.SslRMIClientSocketFactory#createSocket reads two system properties which causes failure if SecurityManager is enabled
* javax.rmi.ssl.client.enabledCipherSuites
* javax.rmi.ssl.client.enabledProtocols
The relevant code should be wrapped in an AccessController.doPrivileged block.
Exception in thread "main" java.security.AccessControlException: access denied ("java.util.PropertyPermission" "javax.rmi.ssl.client.enabledCipherSuites" "read")
at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:488)
at java.base/java.security.AccessController.checkPermission(AccessController.java:1071)
at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:411)
at java.base/java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1146)
at java.base/java.lang.System.getProperty(System.java:966)
at java.rmi/javax.rmi.ssl.SslRMIClientSocketFactory.createSocket(SslRMIClientSocketFactory.java:125)
at SslRMIClientSocketFactoryExample.main(SslRMIClientSocketFactoryExample.java:12)
applicable to JDK 21u and earlier since SM has been removed from feature code line
* javax.rmi.ssl.client.enabledCipherSuites
* javax.rmi.ssl.client.enabledProtocols
The relevant code should be wrapped in an AccessController.doPrivileged block.
Exception in thread "main" java.security.AccessControlException: access denied ("java.util.PropertyPermission" "javax.rmi.ssl.client.enabledCipherSuites" "read")
at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:488)
at java.base/java.security.AccessController.checkPermission(AccessController.java:1071)
at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:411)
at java.base/java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1146)
at java.base/java.lang.System.getProperty(System.java:966)
at java.rmi/javax.rmi.ssl.SslRMIClientSocketFactory.createSocket(SslRMIClientSocketFactory.java:125)
at SslRMIClientSocketFactoryExample.main(SslRMIClientSocketFactoryExample.java:12)
applicable to JDK 21u and earlier since SM has been removed from feature code line