On 19/07/2019 18:59, Igor Ignatyev wrote:
haven't we identified and *fixed* all the tests which use j.t.l.Platform class
and their own security policy (as part of 8210039 or other testlibrary
refactoring)? in other words, all the tests which use j.t.l.Platform must have
a policy file which grants Platform java.util.PropertyPermission read. so there
should be no impact at all, unless there are tests which grants permissions to
specific properties, and such policies are relatively easy to find and correct.
Test infrastructure classes that need permissions are a bit of a pain
for tests that want to run with a security manager or use their own
policy files. It's just not easy to change these test libraries without
fear of breaking tests in random places. I think we have to
compartmentalize (as per the latest webrev) to avoid every test with a
policy file needing to grant permissions do do container stuff when they
aren't container tests. One thing that would be helpful is to have a
page on the wiki with info on how to these test libraries with a
security manager - is this something that you (or maybe Mikhailo) would
have cycles to do?
-Alan.
