This follows the convention of ObjectInputStream::setObjectInputFilter. IMHO, in that case the caller also creates the filter and it's only set on this input stream.
Maybe we shouldn't have added the permission check there?

Thanks
Max

> On Aug 23, 2018, at 4:55 AM, Sean Mullan <sean.mul...@oracle.com> wrote:
>
> One thing I am curious about. Is there a reason why
> getObject(ObjectInputFilter) requires a permission check?
>
> In this case, the caller is the one creating the filter and passing it in, so
> the caller can only cause harm to themselves, and the ObjectInputStream is a
> local variable which is not returned. This method also does not mutate the
> contents of the SignedObject (or SealedObject) ... so I don't see the risk
> here. I think you can just wrap ObjectInputStream.setObjectInputFilter in
> doPrivileged.
>
> --Sean
>
> On 8/22/18 2:37 AM, Weijun Wang wrote:
>> Updated webrev at
>> http://cr.openjdk.java.net/~weijun/8193859/webrev.02/
>> Changes:
>> 1) More spec change
>> - describing the filter in class spec
>> - mentioning the system filter in existing getObject() methods
>> - add "@throws InvalidClassException" to all getObject() methods
>> 2) More test cases
>> - check SecurityException when a security manager is set
>> - set the system filter to see how existing getObject() works
>> The 2 tests are very similar but they belong to jdk_security1 and
>> jdk_security2. Therefore I haven't combined them.
>> Thanks
>> Max
>>> On Aug 17, 2018, at 10:56 PM, Weijun Wang <weijun.w...@oracle.com> wrote:
>>>
>>> Please take a review at the updated webrev at
>>>
>>> http://cr.openjdk.java.net/~weijun/8193859/webrev.01
>>>
>>> Changes only in doc, including
>>>
>>> 1) The "2018-8-15 updates" in the CSR [1]
>>>
>>> 2) formatting
>>>
>>> Thanks
>>> Max
>>>
>>> [1] https://bugs.openjdk.java.net/browse/JDK-8193887
>>>
>>>> On Aug 14, 2018, at 11:19 PM, Roger Riggs <roger.ri...@oracle.com> wrote:
>>>>
>>>> Hi,
>>>>
>>>> On 8/14/2018 10:59 AM, Weijun Wang wrote:
>>>>>
>>>>> s/initial process-wide filter/system filter/?
>>>>
>>>> yes
>>>>
>>>> Roger
>>>>
>>>>>
>>>>> --Max
>>>>>
>>>>>> [1] 8202675 Replace process-wide terminology in serial filtering to
>>>>>> be consistent
>>>>>>
>>>>>> Regards, Roger