On Mon, 2 Dec 2024 16:39:55 GMT, Sean Mullan wrote:
> I just pushed [a
> change](https://github.com/openjdk/jdk/pull/22418/commits/a447dd44da5394620c62bac7e05142898d092153)
> to replace the remaining calls to
> `SecurityProperties.privilegedGetOverridable()`with
> `SecurityProperties.getOverr
On Thu, 28 Nov 2024 00:17:43 GMT, Aleksei Efimov wrote:
> The proposed change cleans-up `SecurityManager`, `doPriviledged`, and
> `AccessController` usages from `java.naming`, `jdk.naming.rmi` and
> `jdk.naming.dns` modules.
>
> One noteworthy change: The `java.naming.rmi.s
On Thu, 28 Nov 2024 17:03:13 GMT, Alan Bateman wrote:
> Sean has hollowed out SecurityConstants in pull/22418 but had to leave
> GET_CLASSLOADER_PERMISSION because of this usage. There will be many rounds
> of cleanup so doesn't matter if it comes later. ALL_PERMISSION will probably
> be the l
ed no failures related
> to this change.
Aleksei Efimov has updated the pull request incrementally with one additional
commit since the last revision:
Remove SecurityConstants.GET_CLASSLOADER_PERMISSION
-
Changes:
- all: https://git.openjdk.org/jdk/pull/22421/files
- new: ht
On Thu, 28 Nov 2024 07:52:14 GMT, Alan Bateman wrote:
> Good cleanup. Maybe for a follow on PR but I assume VersionHelper can be
> removed. There's been several post JEP 486 removals that mean that
> createThread and loadClass shouldn't be needed now. Also isSerialDataAllowed
> could move to O
ed no failures related
> to this change.
Aleksei Efimov has updated the pull request incrementally with one additional
commit since the last revision:
Remove com.sun.jndi.ldap.VersionHelper
-
Changes:
- all: https://git.openjdk.org/jdk/pull/22421/files
- new: https://git.openj
The proposed change cleans-up `SecurityManager`, `doPriviledged`, and
`AccessController` usages from `java.naming`, `jdk.naming.rmi` and
`jdk.naming.dns` modules.
One noteworthy change: The `java.naming.rmi.security.manager` JNDI environment
property can be used to setup the `SecurityManager`:
On Thu, 3 Nov 2022 11:20:03 GMT, Daniel Fuchs wrote:
>> Deprecate URL constructors. Developers are encouraged to use `java.net.URI`
>> to parse or construct any URL.
>>
>> The `java.net.URL` class does not itself encode or decode any URL components
>> according to the escaping mechanism define
On Wed, 5 Oct 2022 15:23:43 GMT, Aleksei Efimov wrote:
> ### Summary of the change
> This change introduces new system and security properties for specifying
> factory filters for the JNDI/LDAP and the JNDI/RMI JDK provider
> implementations.
>
> These new properties a
ow test-specific factories filter used to reconstruct objects from the
> test LDAP server.
>
> ### Testing
> tier1-tier3 and JNDI regression/JCK tests not showing any failures related to
> this change.
> No failures observed for the modified regression tests.
Aleksei Efimov
On Fri, 14 Oct 2022 17:45:50 GMT, Roger Riggs wrote:
> In the general composition of filters, it is preferable that UNDECIDED is
> treated as REJECTED.
> That keeps unintentional holes in a filter from being permissive.
That is a good point Roger. The "java.security" file was updated (4449dda)
ow test-specific factories filter used to reconstruct objects from the
> test LDAP server.
>
> ### Testing
> tier1-tier3 and JNDI regression/JCK tests not showing any failures related to
> this change.
> No failures observed for the modified regression tests.
Aleksei Efimov has
On Fri, 14 Oct 2022 16:35:28 GMT, Daniel Fuchs wrote:
>> Aleksei Efimov has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request conta
ow test-specific factories filter used to reconstruct objects from the
> test LDAP server.
>
> ### Testing
> tier1-tier3 and JNDI regression/JCK tests not showing any failures related to
> this change.
> No failures observed for the modified regression tests.
Aleksei Efimov
ow test-specific factories filter used to reconstruct objects from the
> test LDAP server.
>
> ### Testing
> tier1-tier3 and JNDI regression/JCK tests not showing any failures related to
> this change.
> No failures observed for the modified regression tests.
Aleksei Efimov has
On Thu, 13 Oct 2022 12:37:36 GMT, Jaikiran Pai wrote:
>> Aleksei Efimov has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Change checkInput to be the global filter centric
>
> src/java.base/share/conf/se
On Thu, 13 Oct 2022 13:18:58 GMT, Jaikiran Pai wrote:
>> Aleksei Efimov has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Change checkInput to be the global filter centric
>
> src/java.naming/
On Thu, 13 Oct 2022 12:29:54 GMT, Jaikiran Pai wrote:
>> Aleksei Efimov has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Change checkInput to be the global filter centric
>
> src/java.naming/share/c
On Mon, 10 Oct 2022 13:14:34 GMT, Daniel Fuchs wrote:
>>> If I'm not mistaken there's no point in checking the specific filter if the
>>> global filter state is REJECTED. So instead of switching on the
>>> specificResult below, maybe you should change the logic to switch on the
>>> globalResul
ow test-specific factories filter used to reconstruct objects from the
> test LDAP server.
>
> ### Testing
> tier1-tier3 and JNDI regression/JCK tests not showing any failures related to
> this change.
> No failures observed for the modified regression tests.
Aleksei Efimov h
On Mon, 10 Oct 2022 11:16:40 GMT, Daniel Fuchs wrote:
> If I'm not mistaken there's no point in checking the specific filter if the
> global filter state is REJECTED. So instead of switching on the
> specificResult below, maybe you should change the logic to switch on the
> globalResult instea
On Thu, 6 Oct 2022 16:24:49 GMT, Roger Riggs wrote:
>> Aleksei Efimov has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains six addi
On Thu, 6 Oct 2022 16:10:37 GMT, Roger Riggs wrote:
>> Aleksei Efimov has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains six addi
ow test-specific factories filter used to reconstruct objects from the
> test LDAP server.
>
> ### Testing
> tier1-tier3 and JNDI regression/JCK tests not showing any failures related to
> this change.
> No failures observed for the modified regression tests.
Aleksei Efimov
### Summary of the change
This change introduces new system and security properties for specifying
factory filters for the JNDI/LDAP and the JNDI/RMI JDK provider
implementations.
These new properties allow more granular control over the set of object
factories allowed to reconstruct Java obje
25 matches
Mail list logo
