One thing I am curious about. Is there a reason why getObject(ObjectInputFilter) requires a permission check?

In this case, the caller is the one creating the filter and passing it in, so the caller can only cause harm to themselves, and the ObjectInputStream is a local variable which is not returned. This method also does not mutate the contents of the SignedObject (or SealedObject) ... so I don't see the risk here. I think you can just wrap ObjectInputStream.setObjectInputFilter in doPrivileged.

--Sean

On 8/22/18 2:37 AM, Weijun Wang wrote:
Updated webrev at

    http://cr.openjdk.java.net/~weijun/8193859/webrev.02/

Changes:

1) More spec change

    - describing the filter in class spec

    - mentioning the system filter in existing getObject() methods

    - add "@throws InvalidClassException" to all getObject() methods

2) More test cases

    - check SecurityException when a security manager is set

    - set the system filter to see how existing getObject() works

The 2 tests are very similar but they belong to jdk_security1 and 
jdk_security2. Therefore I haven't combined them.

Thanks
Max

On Aug 17, 2018, at 10:56 PM, Weijun Wang <weijun.w...@oracle.com> wrote:

Please take a review at the updated webrev at

   http://cr.openjdk.java.net/~weijun/8193859/webrev.01

Changes only in doc, including

1) The "2018-8-15 updates" in the CSR [1]

2) formatting

Thanks
Max

[1] https://bugs.openjdk.java.net/browse/JDK-8193887

On Aug 14, 2018, at 11:19 PM, Roger Riggs <roger.ri...@oracle.com> wrote:

Hi,

On 8/14/2018 10:59 AM, Weijun Wang wrote:

s/initial process-wide filter/system filter/?

yes

Roger


--Max

[1] 8202675 Replace process-wide terminology in serial filtering to be consistent

Regards, Roger
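
The suggestion at the top of this thread is to wrap only ObjectInputStream.setObjectInputFilter in doPrivileged. The Java sketch below is an added example, not code from the webrev or the JDK. The class FilteredRead, the helper readWithFilter and the filter pattern are hypothetical names and values chosen for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;

public class FilteredRead {
    // Hypothetical stand-in for the body of a getObject(ObjectInputFilter) method.
    static Object readWithFilter(byte[] content, ObjectInputFilter filter)
            throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(content))) {
            // With a security manager installed, setObjectInputFilter checks
            // SerializablePermission("serialFilter"). The stream is local and the
            // filter is the caller's own, so only this one call is privileged.
            AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
                ois.setObjectInputFilter(filter);
                return null;
            });
            return ois.readObject(); // runs with the caller's normal permissions
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(o);
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        // Constructed filter: allow java.lang.String, reject every other class.
        ObjectInputFilter filter = ObjectInputFilter.Config.createFilter("java.lang.String;!*");
        System.out.println("allowed: " + readWithFilter(serialize("hello"), filter));
        try {
            readWithFilter(serialize(new ArrayList<String>()), filter);
            System.out.println("unexpected: ArrayList was accepted");
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The rejected class surfaces as InvalidClassException, which is the exception the updated webrev adds to the getObject() specifications.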




