Review Request 8007035: Deprecate SecurityManager.checkMemberAccess (original) (raw)
Mandy Chung mandy.chung at oracle.com
Fri Mar 29 02:55:01 UTC 2013
- Previous message: hg: jdk8/tl/jdk: 8010309: Improve PlatformLogger.isLoggable performance by direct mapping from an integer to Level
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sean, John, Joe,
Can you review this fix todeprecatesthe |SecurityManager.checkMemberAccess| method as proposed in http://openjdk.java.net/jeps/176?
Webrev at: http://cr.openjdk.java.net/~mchung/jdk8/webrevs/8007035/webrev.00
Specdiff: http://cr.openjdk.java.net/~mchung/jdk8/webrevs/8007035/specdiff
The |checkMemberAccess| method requires the caller’s frame to be at a stack depth of four, which is fragile and difficult to enforce.
The fix deprecates the SecurityManager.checkMemberAccess method and will throw an exception unconditionally in a future release.There are several methods in java.lang.Class and the class spec of java.lang.invoke.MethodHandles.Lookup in the JDK specify to call SecurityManager.checkMemberAccess. The spec and implementation are updated to do the appropriate permission check.
SecurityManager.checkMemberAccess is not final and it can be overridden by a subclass. However, we believe a SecurityManager subclass implementation that overrides the checkMemberAccess method and behaves differently than the default implementation is very rare. Thus we decide not to handle the SecurityManager subclass case that overrids the checkMemberAccess method with this fix and the compatibility risk should be low.
Thanks Mandy
- Previous message: hg: jdk8/tl/jdk: 8010309: Improve PlatformLogger.isLoggable performance by direct mapping from an integer to Level
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]