homberghp commented on issue #8008:
URL: https://github.com/apache/netbeans/issues/8008#issuecomment-2507678175
# A patch.
This might work. It is a hack. Disable the setting of the
System.setSecurityManager in TopSecrurityManager, while leaving the remainder
of the utility in the TopSecurityManager in tact. But one should prepare for
final removal of said TopSecurityManager. It appears to work in `ant tryme`.
Short test with create new maven javaproject and run that.
2 patches:
* For the TopSecurityManager, see below
* for the nbexec launcher. This is for the Unix variant only. Have not yet
investigated windows. (Currently can't build on Windows)
Patch for nbexec
```
diff --git a/platform/o.n.bootstrap/launcher/unix/nbexec
b/platform/o.n.bootstrap/launcher/unix/nbexec
index 1d6ad6e530..8b4a830836 100755
--- a/platform/o.n.bootstrap/launcher/unix/nbexec
+++ b/platform/o.n.bootstrap/launcher/unix/nbexec
@@ -192,7 +192,7 @@ fi
# rename old heap dump to .old
mv "${userdir}/var/log/heapdump.hprof"
"${userdir}/var/log/heapdump.hprof.old" > /dev/null 2>&1
-jargs_without_clusters="$jargs -Djava.security.manager=allow"
+jargs_without_clusters="$jargs -Djava.security.manager=disallow"
jargs="-Dnetbeans.dirs=\"${clusters}\" $jargs_without_clusters"
if [ -z "$cachedirspecified" ]; then
```
Patch for the TopSecurityManager:
```
diff --git a/platform/o.n.bootstrap/src/org/netbeans/TopSecurityManager.java
b/platform/o.n.bootstrap/src/org/netbeans/TopSecurityManager.java
index babb04da60..c89bd13f3d 100644
--- a/platform/o.n.bootstrap/src/org/netbeans/TopSecurityManager.java
+++ b/platform/o.n.bootstrap/src/org/netbeans/TopSecurityManager.java
@@ -48,6 +48,15 @@ import org.openide.util.WeakSet;
* @author Ales Novak, Jesse Glick
*/
public class TopSecurityManager extends SecurityManager {
+ /** Due to permanent deprecation of the java security manager we simply
hack an instance,
+ so the utilities in this class are still available.
+ *
+ * This is a HACK.
+ * This behaves as a eager singleton.
+ */
+ private static TopSecurityManager INSTANCE = new TopSecurityManager();
+ // end of hack.
+
private static final boolean check =
!Boolean.getBoolean("netbeans.security.nocheck"); // NOI18N
private static final Logger LOG =
Logger.getLogger(TopSecurityManager.class.getName());
@@ -166,14 +175,14 @@ public class TopSecurityManager extends
SecurityManager {
static boolean officialExit = false;
static Class<?>[] getStack() {
- SecurityManager s = System.getSecurityManager();
- TopSecurityManager t;
- if (s instanceof TopSecurityManager) {
- t = (TopSecurityManager)s;
- } else {
- t = new TopSecurityManager();
- }
- return t.getClassContext();
+// SecurityManager s = System.getSecurityManager();
+// TopSecurityManager t;
+// if (s instanceof TopSecurityManager) {
+// t = (TopSecurityManager)s;
+// } else {
+// t = new TopSecurityManager();
+// }
+ return INSTANCE.getClassContext();
}
/** Can be called from core classes to exit the system.
@@ -521,15 +530,17 @@ public class TopSecurityManager extends
SecurityManager {
}
public static void install() {
- try {
- System.setSecurityManager(new TopSecurityManager());
- } catch (SecurityException ex) {
- LOG.log(Level.WARNING, "Cannot associated own security
manager"); // NOI18N
- LOG.log(Level.INFO, "Cannot associated own security manager",
ex); // NOI18N
- }
+ // sec man is deprecated
+// try {
+// System.setSecurityManager(new TopSecurityManager());
+// } catch (SecurityException ex) {
+// LOG.log(Level.WARNING, "Cannot associated own security
manager"); // NOI18N
+// LOG.log(Level.INFO, "Cannot associated own security manager",
ex); // NOI18N
+// }
}
static void uninstall() {
- System.setSecurityManager(null);
+ // sec man is deprecated
+// System.setSecurityManager(null);
}
/** Prohibits to set another SecurityManager */
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
