Please review this JDK 9 change to make the SecurityManager::checkPackageAccess and checkPackageDefinition implementations restrict access to the same set of internal JDK packages as the module system.

This overall change will improve security by making these two mechanisms consistent and reduce the amount of work needed to maintain the package.access and package.definition security properties going forward.

JBS issue: https://bugs.openjdk.java.net/browse/JDK-8055206
JDK webrev: http://cr.openjdk.java.net/~mullan/webrevs/8055206/jdk/webrev.00/
JAXP webrev: http://cr.openjdk.java.net/~mullan/webrevs/8055206/jaxp/webrev.00/

The JBS bug has more details, but the fix consists of essentially 3 main parts:

1. Remove most packages from the package.{access,definition} security properties

2. Changes to the SecurityManager::checkPackage{Access,Definition} APIs to allow an implementation to restrict a default set of packages (in addition to those listed in the package.{access,definition} properties)

3. Changes to the default SecurityManager::checkPackage{Access,Definition} implementation to use Module APIs to compute the list of non-exported packages loaded by the platform class loader or its ancestors.

Several tests also had to be modified to be granted additional permission(s) to access the newly restricted packages under a SecurityManager. JAXP also needed a change to grant additional permissions to access internal packages that are exported to the modules that are dynamically created for use with XSLT.

Thanks,
Sean
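
The computation described in part 3, as an added example that is not part of the original message and is not the JDK's own code: it uses the public Module APIs (JDK 9 or later) to list the packages of boot-layer modules defined to the platform class loader or its ancestors that are not exported unconditionally. The class name, the helper names and the two sample package names are assumptions made for illustration, as is the choice to count qualified exports as restricted.

```java
import java.lang.module.ModuleDescriptor;
import java.lang.module.ModuleDescriptor.Exports;
import java.util.Set;
import java.util.TreeSet;

public class NonExportedPackages {

    // True if 'loader' is the platform class loader or one of its ancestors;
    // null denotes the boot loader, which is always an ancestor.
    static boolean isPlatformOrAncestor(ClassLoader loader) {
        if (loader == null) return true;
        for (ClassLoader cl = ClassLoader.getPlatformClassLoader(); cl != null; cl = cl.getParent()) {
            if (cl == loader) return true;
        }
        return false;
    }

    // Packages of one module that are not exported to everyone.
    // Assumption: a qualified export ("exports p to m") still counts as restricted.
    static Set<String> nonExported(ModuleDescriptor md) {
        Set<String> pkgs = new TreeSet<>(md.packages());
        md.exports().stream()
          .filter(e -> !e.isQualified())
          .map(Exports::source)
          .forEach(pkgs::remove);
        return pkgs;
    }

    // Union over all boot-layer modules loaded by the platform loader or above.
    static Set<String> restrictedPackages() {
        Set<String> restricted = new TreeSet<>();
        for (Module m : ModuleLayer.boot().modules()) {
            if (isPlatformOrAncestor(m.getClassLoader())) {
                restricted.addAll(nonExported(m.getDescriptor()));
            }
        }
        return restricted;
    }

    public static void main(String[] args) {
        Set<String> restricted = restrictedPackages();
        System.out.println(restricted.size() + " non-exported packages in platform/boot modules");
        // Sample package names chosen for illustration; pass others as arguments.
        String[] probes = args.length > 0 ? args : new String[] {"sun.security.util", "java.util"};
        for (String pkg : probes) {
            System.out.println(pkg + " -> " + (restricted.contains(pkg) ? "restricted" : "not restricted"));
        }
    }
}
```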
