On Thu, 7 Jan 2021 21:23:55 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> Martin Balao has updated the pull request incrementally with two additional
>> commits since the last revision:
>>
>> - Limit P11Util::getProvider privileged access to the required
>> 'accessClassInPackage' RuntimePermission only.
>> - New line character inserted at the end of IllegalPackageAccess.java test
>> file
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Util.java line
> 90:
>
>> 88: p = Security.getProvider(providerName);
>> 89: if (p == null) {
>> 90: p = AccessController.doPrivileged(
>
> Could you use the limited version of doPrivileged and only assert the
> permissions that are strictly necessary to instantiate a provider?
Yes, makes sense. Thanks for your feedback.
-------------
PR: https://git.openjdk.java.net/jdk/pull/1961
