Hi Mandy,

On 09/02/2016 05:30 PM, Mandy Chung wrote:
Constructor::newInstance is a caller-sensitive method that performs the 
security check when the caller is not the same class loader as implClass’s 
class loader or not its ancestor.

In this case the caller class is ServerSocket and its class loader is the 
bootstrap class loader, which is privileged (an ancestor of any loader).

I'm thinking of the Class::getDeclaredConstructor method.

If the implClass's class loader is not the bootstrap loader, "accessDeclaredMembers" permission will be checked. I don't know about which implClass(es) will be passed to the method, but if custom user classes are among them, they will not be loaded by bootstrap loader, right?

Checking the usages of getDeclaredConstructor() in JDK sources I can see that they usually (but not always) are enclosed in doPrivileged.

Regards, Peter


Mandy

On Sep 2, 2016, at 6:42 AM, Peter Levart <peter.lev...@gmail.com> wrote:

Hi Mandy,

Are you sure the implementation class passed to 
JavaNetSocketAccess.newSocketImpl(Class<? extends SocketImpl> implClass) is 
never going to be loaded by a class loader other than bootstrap classloader (the 
loader of the caller of implClass.getDeclaredConstructor()) and that no unprivileged 
code will be on the call stack at that time? Do you need to enclose this invocation 
in a doPrivileged() block or do you expect that the caller of 
JavaNetSocketAccess.newSocketImpl() will do that?

Regards, Peter

On 08/31/2016 10:48 PM, Mandy Chung wrote:
This patch introduces JavaNetSocketAccess to allow access to non-public 
ServerSocket constructor that is accessed by some other area as a clean up.

Webrev:
   http://cr.openjdk.java.net/~mchung/jdk9/webrevs/8165180/webrev.00/

Mandy
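
The doPrivileged question raised in this thread, as an added example that is not part of the original messages or of the JDK patch: the permission-checked lookup of a non-public constructor runs inside doPrivileged, while instantiation stays outside it. The names PrivilegedCtorLookup, CustomImpl, lookupNoArgCtor and newInstance are hypothetical, and CustomImpl is a constructed stand-in for a user-supplied class that is not loaded by the bootstrap loader.

```java
import java.lang.reflect.Constructor;
import java.net.ServerSocket;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;

// Hypothetical names throughout; this is not the JDK's JavaNetSocketAccess code.
// AccessController is deprecated for removal in recent JDKs but still compiles.
public class PrivilegedCtorLookup {

    // Constructed stand-in for a user-supplied implementation class:
    // loaded by the application loader, with a non-public constructor.
    static class CustomImpl {
        private CustomImpl() {}
    }

    // Only the reflective lookup runs privileged, so the permission check
    // stops at this class's protection domain instead of walking into
    // less-privileged callers further up the stack.
    static <T> Constructor<T> lookupNoArgCtor(Class<T> implClass)
            throws NoSuchMethodException {
        try {
            return AccessController.doPrivileged(
                (PrivilegedExceptionAction<Constructor<T>>) () -> {
                    Constructor<T> ctor = implClass.getDeclaredConstructor();
                    ctor.setAccessible(true);
                    return ctor;
                });
        } catch (PrivilegedActionException e) {
            // getDeclaredConstructor() is the only checked-exception source here.
            throw (NoSuchMethodException) e.getException();
        }
    }

    // Instantiation happens outside the privileged block, so the constructor
    // body of implClass runs under the normal access control context.
    static <T> T newInstance(Class<T> implClass) throws ReflectiveOperationException {
        return lookupNoArgCtor(implClass).newInstance();
    }

    public static void main(String[] args) throws Exception {
        // getClassLoader() returns null for classes loaded by the bootstrap loader.
        System.out.println("ServerSocket loader: " + ServerSocket.class.getClassLoader());
        System.out.println("CustomImpl loader:   " + CustomImpl.class.getClassLoader());
        System.out.println("created: " + newInstance(CustomImpl.class).getClass().getName());
    }
}
```

A factory like this vouches for whatever class it is handed, so it should only be reachable with implementation classes the trusted caller has already selected.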
