[prev in list] [next in list] [prev in thread] [next in thread]
List: openjdk-jdk8-dev
Subject: Re: jdk8-b100: JSN, Tools, Core Libraries, Serviceability, 2d, Awt, and Swing
From: Enrico Olivelli <eolivelli () gmail ! com>
Date: 2013-07-24 18:03:49
Message-ID: 51F01705.6060200 () gmail ! com
[Download RAW message or body]
Hi all,
in JDK-8007035 SecurityManager.checkMemberAccess(Class<?> clazz, int which) has been \
deprecated. I'm using it to prevent sendboxed code from accessing private members in \
java.lang.System (to set SecurityManager to null for example)
is there any other way to protect java.lang.System private fields ?
Thanks
Enrico Olivelli
Il 23/07/2013 20:35, lana.steuck@oracle.com ha scritto:
> http://hg.openjdk.java.net/jdk8/jdk8/rev/d2dcb110e9db
> http://hg.openjdk.java.net/jdk8/jdk8/nashorn/rev/598321c438b5
> http://hg.openjdk.java.net/jdk8/jdk8/langtools/rev/82f68da70e47
> http://hg.openjdk.java.net/jdk8/jdk8/jdk/rev/5be9c5bfcfe9
> http://hg.openjdk.java.net/jdk8/jdk8/jaxws/rev/4fd722afae5c
> http://hg.openjdk.java.net/jdk8/jdk8/jaxp/rev/5d1974c1d7b9
> http://hg.openjdk.java.net/jdk8/jdk8/hotspot/rev/bb416ee2a79b
> http://hg.openjdk.java.net/jdk8/jdk8/corba/rev/8d492f1dfd1b
>
> ---
>
> All the fixes will be tested during promotion (no PIT testing at this point):
>
> List of all fixes:
> ===================
> JDK-8020371 client-libs [macosx] applets with Drag and Drop fail with \
> IllegalArgumentException JDK-8020298 client-libs [macosx] Incorrect merge in \
> the lwawt code. JDK-8020210 client-libs [macosx] JVM crashes in \
> CWrapper$NSWindow.screen(long) JDK-8020038 client-libs [macosx] Incorrect \
> usage of invokeLater() and likes in callbacks called via JNI from AppKit thread \
> JDK-8019587 client-libs [macosx] Possibility to set the same frame for the \
> different screens JDK-8019265 client-libs [macosx] apple.laf.useScreenMenuBar \
> regression comparing with jdk6 JDK-8017492 client-libs Static field in HTML \
> parser affects all applications JDK-8016737 client-libs After clicking on \
> "Print UNCOLLATED" button, the print out come in order 'Page 1', 'Page 2', 'Page 1' \
> JDK-8015730 client-libs PIT: On Linux, OGL=true and fbobject=false leads to \
> deadlock or infinite loop JDK-8014497 client-libs [parfait] Potential null \
> pointer dereference in jdk/src/share/native/sun/java2d/cmm/lcms/cmsgamma.c \
> JDK-8009168 client-libs accessibility.properties syntax issue JDK-8004859 \
> client-libs Graphics.getClipBounds/getClip return difference nonequivalent \
> bounds, depending from transform. JDK-7188095 client-libs TEST_BUG: 4 \
> javax/sound manual tests should be modified to run with jtreg JDK-6707231 \
> client-libs Wrong read Method returned for boolen properties JDK-8020508 \
> core-libs Enforce reflection access restrictions on Object.bindProperties \
> JDK-8020463 core-libs Input argument array wrapping in loadWithNewGlobal is \
> wrong JDK-8020437 core-libs Wrong handling of line numbers with multiline \
> string literals JDK-8020409 core-libs Clean up doclint problems in \
> java.util package, part 1 JDK-8020380 core-libs __noSuchProperty__ defined \
> in mozilla_compat.js script should be non-enumerable JDK-8020358 core-libs \
> Array(0xfffffff) throws OutOfMemoryError JDK-8020357 core-libs \
> Int32Array(Math.pow(2,31)-1).length throws java.lang.NegativeArraySizeException \
> JDK-8020354 core-libs Object literal property initialization is not done in \
> source order JDK-8020325 core-libs static property does not work on \
> accessible, public classes JDK-8020324 core-libs \
> Object.bindProperties(target, source) does not work when source object is a java \
> bean JDK-8020318 core-libs Fix doclint issues in java.net
> JDK-8020294 core-libs Fix doclint issues in java.util.Spliterator
> JDK-8020283 core-libs Don't use exceptions for widening of ArrayData
> JDK-8020276 core-libs interface checking in Invocable.getInterface \
> implementation JDK-8020224 core-libs LinkageError: attempted duplicate \
> class definition when --loader-per-compiler=false JDK-8020223 core-libs \
> ClassCastException: String can not be casted to ScriptFunction JDK-8020125 \
> core-libs --print-lower-parse misses eval JDK-8020124 core-libs \
> switch((Math.pow ? x = 1.2e3 : 3)) { default: return; } JDK-8020095 core-libs \
> Fix doclint warnings in java.util.regex JDK-8020091 core-libs Fix HTML \
> doclint issues in java.io JDK-8020062 core-libs Nest StreamBuilder \
> interfaces inside relevant Stream interfaces JDK-8020040 core-libs Improve \
> and generalize the F/J tasks to handle right or left-balanced trees JDK-8020035 \
> core-libs nashorn jdk buildfile BuildNashorn.gmk still renamed \
> jdk.nashorn.internal.objects package JDK-8020015 core-libs shared \
> PropertyMaps should not be used without duplication JDK-8019983 core-libs \
> (function(){ switch(1){ case 0: case '': default:return} return 1 })() returns 0 \
> instead of undefined JDK-8019979 core-libs Replace CheckPackageAccess test \
> with better one from closed repo JDK-8019963 core-libs empty char range in \
> regex JDK-8019947 core-libs inherited property invalidation does not work \
> with two globals in same context JDK-8019862 core-libs Fix doclint errors \
> in java.lang.* JDK-8019857 core-libs Fix doclint errors in \
> java.util.Format* JDK-8019822 core-libs Duplicate name and signature in \
> finally block JDK-8019821 core-libs Boolean Cannot Be Cast To Integer
> JDK-8019819 core-libs Nullpointer exception in codegen
> JDK-8019814 core-libs Add regression test for passing cases
> JDK-8019811 core-libs Boolean to bitwise coercion error
> JDK-8019809 core-libs Break return statement can create erroneous bytecode
> JDK-8019805 core-libs for each (init; test; modify) is invalid
> JDK-8019799 core-libs api/java_util/jar/Pack200 test failed with compactX \
> profiles. JDK-8019794 core-libs \
> closed/java/util/logging/LoggerInAppContext.java failed on jdk8-b96 JDK-8019791 \
> core-libs ~ is a unary operator JDK-8019783 core-libs typeof does not \
> work properly for java methods and foreign objects JDK-8019629 core-libs \
> void operator should always evaluate to undefined JDK-8019622 core-libs \
> (sl) ServiceLoadet.next incorrect when creation and usages are in different \
> contexts JDK-8019585 core-libs Another bytecode problem with typeof chains
> JDK-8019551 core-libs Make BaseStream public
> JDK-8019484 core-libs Sync j.u.c.ConcurrentHashMap from 166 to tl
> JDK-8019481 core-libs Sync misc j.u.c classes from 166 to tl
> JDK-8019395 core-libs Consolidate StreamSupport.{stream,parallelStream} \
> into a single method JDK-8019381 core-libs HashMap.isEmpty is non-final, \
> potential issues for get/remove JDK-8019370 core-libs Sync j.u.c Fork/Join \
> from 166 to tl JDK-8019322 core-libs Forward port \
> test/closed/java/lang/invoke tests from jdk7u to jdk8 JDK-8019184 core-libs \
> MethodHandles.catchException() fails when methods have 8 args + varargs JDK-8017768 \
> core-libs ClassNotFoundException if the parameter in Java.type() is an enum. \
> JDK-8017447 core-libs Unmodifiable map entry becomes modifiable if taken \
> from a stream of map entries JDK-8017329 core-libs 8b92-lambda regression: \
> TreeSet("a", "b").stream().substream(1).parallel().iterator() is empty JDK-8017231 \
> core-libs Add StringJoiner.merge JDK-8017212 core-libs \
> File.createTempFile requires unnecessary "read" permission JDK-8017141 core-libs \
> java.util/stream Spliterators from sequential sources should not catch OOME \
> JDK-8017084 core-libs Use spill properties for large object literals \
> JDK-8016681 core-libs regex capture behaves differently than on V8 \
> JDK-8016341 core-libs java/lang/ref/OOMEInReferenceHandler.java failing \
> intermittently JDK-8016285 core-libs Add \
> java.lang.reflect.Parameter.isNamePresent() JDK-8015356 core-libs \
> [].concat([,]).hasOwnProperty("0") should evaluate to false JDK-8015320 core-libs \
> Pull spliterator() up from Collection to Iterable JDK-8015317 core-libs \
> Optional.filter, map, and flatMap JDK-8015315 core-libs Stream.concat \
> methods JDK-8014890 core-libs (ref) Reference queues may return more \
> entries than expected JDK-8014785 core-libs Ability to extend global \
> instance by binding properties of another object JDK-8013925 core-libs \
> Remove symbol fields from nodes that don't need them JDK-8012191 core-libs \
> noSuchProperty can't cope with vararg functions JDK-8011629 core-libs \
> Object.defineProperty performance issue JDK-8011427 core-libs \
> java.util.concurrent collection Spliterator implementations JDK-8011210 core-libs \
> Investigate the cause of the findValue callsite miss in gbemu.js JDK-8010946 \
> core-libs AccessControl.doPrivileged is broken when called from js script \
> JDK-8010821 core-libs [findbugs] Some classes in \
> jdk.nashorn.internal.runtime.regexp expose mutable objects JDK-8010679 core-libs \
> Clarify "present" and annotation ordering in Core Reflection for Annotations \
> JDK-8009758 core-libs JDK-8006529.js fails after recent method lookup \
> changes JDK-8007035 core-libs deprecate public void \
> SecurityManager.checkMemberAccess(Class<?> clazz, int which) JDK-7187144 \
> core-libs JavaDoc for ScriptEngineFactory.getProgram() contains an error \
> JDK-7129185 core-libs (coll) Please add Collections.emptyNavigableSet() \
> JDK-7122142 core-libs (ann) Race condition between isAnnotationPresent and \
> getAnnotations JDK-6480539 core-libs BigDecimal.stripTrailingZeros() has \
> no effect on zero itself ("0.0") JDK-6178739 core-libs (fmt) \
> Formatter.format("%0.4f\n", 56789.456789) generates MissingFormatWidthException \
> JDK-8020308 core-svc Fix doclint issues in java.lang.management \
> JDK-8019826 core-svc [Test bug] Test \
> com/sun/management/HotSpotDiagnosticMXBean/SetVMOption.java fails with NPE \
> JDK-8019594 core-svc TestObjectCountAfterGCEvent.java fails with wrong \
> size of instances in event JDK-8017306 core-svc 2 \
> closed/com/oracle/jfr/gc/ tests failed with AssertionError in nightly build on \
> solaris-sparc JDK-8011702 core-svc TEST_BUG: Tests for "Improve robustness \
> of JMX internal APIs" bug fix should be modified JDK-8010734 core-svc NPG: \
> The test MemoryTest.java needs to be updated to support metaspace JDK-8010285 \
> core-svc Enforce the requirement of Management Interfaces being public \
> JDK-8020441 hotspot Enable test for 'Method Profiling Sample' event \
> JDK-8019967 hotspot Write regression test for 8004811 JDK-8019815 \
> hotspot remove option -XX:ParallelGCThreads=1 from \
> TestYoungGarbageCollectionEvent.java JDK-8019419 hotspot Stabilize \
> TestJavaThreadStatisticsEvent.java JDK-8017485 hotspot \
> TestGCCauseWithSystemGC might get wrong GC events JDK-8017484 hotspot \
> TestHeapSummaryEventConcurrentCMS gets concurrent CMS GC events JDK-8017446 \
> hotspot disable fasttime for gc tests JDK-8016879 hotspot The \
> object allocation event(s) create huge amount of data when enabled JDK-8015433 \
> hotspot TestJcmdStartWithOptions.java interrupted on Solaris-sparc \
> (Timeout?) JDK-8005161 hotspot TestPeriodicEventSampling.java gets wrong \
> number of events JDK-8017566 other-libs Backout 8000450 - Cannot access to \
> com.sun.corba.se.impl.orb.ORBImpl JDK-8020557 security-libs javadoc cleanup in \
> javax.security JDK-8020321 security-libs Problem in PKCS11 regression test \
> TestRSAKeyLength JDK-8020310 security-libs JDK-6356530 broke the old build
> JDK-8020164 security-libs TEST_BUG: DHKeyValidation test should be changed to \
> use all values of y JDK-8019854 security-libs \
> lib/security/cacerts/VerifyCACerts.java should be removed from problem list \
> JDK-8019772 security-libs Fix doclint issues in javax.crypto and javax.security \
> subpackages JDK-8019627 security-libs RuntimeException gets obscured during \
> OCSP cert revocation checking JDK-8019410 security-libs \
> sun/security/krb5/auto/ReplayCacheTestProc.java JDK-8019341 security-libs \
> Update CookieHttpsClientTest to use the newer framework. JDK-8019267 \
> security-libs NPE in AbstractSaslImpl when trace level >= FINER in KRB5 \
> JDK-8012637 security-libs Adjust CipherInputStream class to work in AEAD/GCM \
> mode JDK-8011547 security-libs Update XML Signature implementation to Apache \
> Santuario 1.5.4 JDK-7196805 security-libs DH Key interoperability testing \
> between SunJCE and JsafeJCE not successful JDK-7165807 security-libs Non \
> optimized initialization of NSS crypto library leads to scalability issues \
> JDK-6755701 security-libs SunJCE DES/DESede SecretKeyFactory.generateSecret \
> throws InvalidKeySpecExc if passed SecretKeySpec JDK-8020586 tools \
> Warning produced for an incorrect file JDK-8020286 tools Wrong \
> diagnostic after compaction JDK-8020278 tools NPE in javadoc
> JDK-8020214 tools TEST_BUG: \
> test/tools/javap/8007907/JavapReturns0AfterClassNotFoundTest.java broken \
> JDK-8020149 tools Graph inference: wrong logic for picking best \
> variable to solve JDK-8020147 tools Spurious errors when compiling \
> nested stuck lambdas JDK-8019942 tools Graph inference: avoid redundant \
> computation during bound incorporation JDK-8019824 tools very long \
> error messages on inference error JDK-8019480 tools Javac crashes when \
> method is called on a type-variable receiver from lambda expression JDK-8019340 \
> tools varargs-related warnings are meaningless on signature-polymorphic \
> methods such as MethodHandle.invokeExact JDK-8017618 tools \
> NullPointerException in RichDiagnosticFormatter for bad input program JDK-8016702 \
> tools use of ternary operator in lambda expression gives incorrect \
> results JDK-8016640 tools compiler hangs if the generics arity of a \
> base class is wrong JDK-8016175 tools Add bottom-up type-checking \
> support for unambiguous method references JDK-8016060 tools Lambda \
> isn't compiled with return statement JDK-8016059 tools Cannot compile \
> following lambda JDK-8013404 tools Unclear spec for target typing with \
> conditional operator (?:) JDK-8012242 tools Lambda compatibility and \
> checked exceptions JDK-8012238 tools Nested method capture and \
> inference JDK-8009924 tools some langtools tools do not accept -cp as \
> an alias for -classpath JDK-8008200 tools \
> java/lang/Class/asSubclass/BasicUnit.java fails to compile JDK-7041019 tools \
> Bogus type-variable substitution with array types with dependencies on \
> accessibility check JDK-6356530 tools -Xlint:serial does not flag \
> abstract classes with concrete methods/members JDK-8020430 xml \
> NullPointerException in xml sqe nightly result on 2013-07-12 JDK-8016648 xml \
> FEATURE_SECURE_PROCESSING set to true or false causes SAXParseException to be \
> thrown
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic