I've been looking through the Harmony code and have run into a number of
cases where loadLibrary() is called without recourse to an
AccessController.doPrivileged() operation. It seems as if a number of places
just get lucky with the security manager. Is there any reason not to
replace:
static {
System.loadLibrary("hyfoo"); //$NON-NLS-1$
}
with:
static {
AccessController.doPrivileged(new PrivilegedAction<Object>() {
public Object run() {
System.loadLibrary("hyfoo"); //$NON-NLS-1$
return null;
}
});
}
Some of the files are in java.* packages, so they have to be on the bootpath
- which means wrapping them might not make sense. But others (like
PSPrinterJob and RandomBitsSupplier) are in org.apache.harmony.*, and might
not necessarily be on the bootpath for all consumers of Harmony classes.
Any thoughts?
Andrew Jr.
