On Sun, 17 Nov 2024 19:01:24 GMT, Eirik Bjørsnøs <eir...@openjdk.org> wrote:
> Please review this PR which cleans up SecurityManager-related code in > `java.sql` and `java.sql.rowset` modules post JEP-486 > > There are quite a few changes to review, but all relatively straightforward: > > `DriverManager` > * Remove `SecurityManager::checkPermission` calls in the `setLogWriter`, > `setLogStream` and `deregisterDriver` methods > * Remove two now-unused package private SQLPermission constants > * `ensureDriversInitialized` is updated to remove > `AccessController::doPrivileged` when reading a system property and when > initializing drivers > > `CachedRowSetImpl` > * Remove `AccessController::doPrivileged` when getting a `SyncFactory` > instance > * `getObject` is update to remove a call to `ReflectUtil::checkPackageAccess` > > `CachedRowSetWriter` > * A call to `ReflectUtil::checkPackageAccess` is removed. > > `SerialJavaObject` > * `getFields` is updated to remove call to > `ReflectUtil::checkPackageAccess`. `@CallerSensitive` is no longer needed for > this method. > * The test `CheckCSMs.java` is updated to remove references to > `SerialJavaObject:getFields` > > `SyncFactory` > * `initMapIfNecessary` is updated to remove call to > `AccessController::doPrivileged` when reading system properties and when > reading properties from an input stream > * `getInstance` is updated to remove calls to > `ReflectUtil::checkPackageAccess` > * `setLogger` method is updated to remove call to > `SecurityManager::checkPermission` > * `setJNDIContext` methods are updated to remove call to > `SecurityManager::checkPermission` > > `RowsetProvider` > * Static initializer is updated to call `System::getProperty` directly > * `newFactory` is updated to call `System::getProperty` directly > * `newFactory` is updated to not call `ReflectUtil.checkPackageAccess` > * `getContextClassLoader` is updated to not call > `AccessController::doPrivileged` > * `getFactoryClass` is updated to not call `ReflectUtil.checkPackageAccess` > * `getSystemProperty` is removed > > > `SQLInputImpl` > * A call to `ReflectUtil::checkPackageAccess` is removed > > `TestPolicy.java` in `test/java/sql/testng/util` > * This is now unused and removed > > Ran `test/jdk/java/sql` and `test/jdk/javax/sql` tests locally. GHA results > pending. This pull request has now been integrated. Changeset: d85dd77e Author: Eirik Bjørsnøs <eir...@openjdk.org> URL: https://git.openjdk.org/jdk/commit/d85dd77edf18c6efd3a7438c0595cd729af2f863 Stats: 407 lines in 9 files changed: 10 ins; 353 del; 44 mod 8344365: SecurityManager cleanups in java.sql and java.sql.rowset modules Reviewed-by: rriggs, bchristi ------------- PR: https://git.openjdk.org/jdk/pull/22185
