On 04/22/2014 06:36 PM, Mandy Chung wrote:
> Thanks for bringing up this question. I neglected to mention the open
> question to follow up on: how we want to build the system java.policy.
> There are platform-specific jar files and also different jar files in
> the Oracle JDK build. I currently list them all in java.policy in this
> initial patch. One solution is to have one version of java.policy for
> each OS. However, this will suffer from the maintenance burden and is
> also error-prone, as is the current java.security file. I'd like to get
> feedback from the security team before attempting to modify the makefiles.

We had a similar issue with the java.security file where Oracle-specific
packages were being added to the package.access/definition properties in
the OpenJDK java.security files; thus polluting the source code with
packages that were Oracle-specific.
I fixed this in JDK 8:
https://bugs.openjdk.java.net/browse/JDK-8007292
Basically it involved keeping a list of the non-OpenJDK packages that
were to be restricted in the closed repo, and creating a Java program
that appended these to the properties in the java.security file when the
build included the closed sources.
--Sean
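
The build step described in the reply above, sketched as an added example (this is not the JDK's build tool and not code from this thread). It appends a separately maintained list of package prefixes to the `package.access` and `package.definition` properties, handling values that continue across lines with a trailing backslash. The class name, the sample excerpt and the `com.example.closed.` prefixes are constructed for illustration.

```java
import java.util.ArrayList;
import java.util.List;

// Added illustration; not the JDK build tool. Requires Java 11+ (String.repeat).
public class AppendRestrictedPackages {

    /** Appends extra packages to the end of each listed property's value. */
    static List<String> append(List<String> lines, List<String> props, List<String> extra) {
        if (extra.isEmpty()) return new ArrayList<>(lines);
        List<String> out = new ArrayList<>();
        boolean inValue = false;   // inside a (possibly multi-line) target property
        String indent = "";
        for (String line : lines) {
            if (!inValue) {
                for (String p : props) {
                    // Commented-out entries ("#package.access=...") do not match.
                    if (line.startsWith(p + "=")) {
                        inValue = true;
                        indent = " ".repeat(p.length() + 1);
                    }
                }
            }
            if (inValue && !line.endsWith("\\")) {
                // Last physical line of the value: continue it, then add the new entries.
                out.add(line + (line.endsWith("=") ? "\\" : ",\\"));
                for (int i = 0; i < extra.size(); i++) {
                    out.add(indent + extra.get(i) + (i < extra.size() - 1 ? ",\\" : ""));
                }
                inValue = false;
            } else {
                out.add(line);
            }
        }
        return out;
    }

    public static void main(String[] args) {
        // Constructed excerpt in java.security syntax.
        List<String> security = List.of(
            "# List of comma-separated packages",
            "package.access=sun.,\\",
            "               com.sun.xml.internal.",
            "",
            "package.definition=sun.");
        // Hypothetical closed-source package prefixes.
        List<String> closed = List.of("com.example.closed.", "com.example.closed.impl.");
        append(security, List.of("package.access", "package.definition"), closed)
            .forEach(System.out::println);
    }
}
```

Running the step only when the closed sources are part of the build keeps the restricted-package list for those sources out of the open java.security file while still enforcing it in the shipped one.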