On Wed, 6 Jan 2021 15:33:59 GMT, Martin Balao <mba...@openjdk.org> wrote:
> As described in JDK-8259319 [1], this fix proposal is to set proper access > permissions so the SunPKCS11 provider can create instances of SunJCE classes > when a Security Manager is installed and the fallback scheme is used. > > No regressions found in jdk/sun/security/pkcs11 tests category. > > -- > [1] - https://bugs.openjdk.java.net/browse/JDK-8259319 src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Util.java line 90: > 88: p = Security.getProvider(providerName); > 89: if (p == null) { > 90: p = AccessController.doPrivileged( Could you use the limited version of doPrivileged and only assert the permissions that are strictly necessary to instantiate a provider? ------------- PR: https://git.openjdk.java.net/jdk/pull/1961
