On Mon, 4 Mar 2024 15:28:28 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> fix MBeanServerFileAccessController, more test in SM
>
> src/java.management/share/classes/com/sun/jmx/remote/security/MBeanServerFileAccessController.java
> line 309:
>
>> 307: final Subject s;
>> 308: if (!SharedSecrets.getJavaLangAccess().allowSecurityManager()) {
>> 309: s = Subject.current();
>
> We may not want to call `Subject.current()` here, as this may imply that we
> will support this functionality even if an SM is not enabled.
I was not exactly sure if we will support this functionality. The class name
has `AccessControler` and the method names use `checkAccess`, but they actually
do not always depend on security manager.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/17472#discussion_r1511716084
