On Wed, 30 Oct 2024 19:28:32 GMT, Sean Mullan <mul...@openjdk.org> wrote:

>> This is the implementation of JEP 486: Permanently Disable the Security 
>> Manager. See [JEP 486](https://openjdk.org/jeps/486) for more details. The 
>> [CSR](https://bugs.openjdk.org/browse/JDK-8338412) describes in detail the 
>> main changes in the JEP and also includes an apidiff of the specification 
>> changes.
>> 
>> NOTE: the majority (~95%) of the changes in this PR are test updates 
>> (removal/modifications) and API specification changes, the latter mostly to 
>> remove `@throws SecurityException`. The remaining changes are primarily the 
>> removal of the `SecurityManager`, `Policy`, `AccessController` and other 
>> Security Manager API implementations. There is very little new code.
>> 
>> The code changes can be broken down into roughly the following categories:
>> 
>> 1. Degrading the behavior of Security Manager APIs to either throw 
>> Exceptions by default or provide an execution environment that disallows 
>> access to all resources by default.
>> 2. Changing hundreds of methods and constructors to no longer throw a 
>> `SecurityException` if a Security Manager was enabled. They will operate as 
>> they did in JDK 23 with no Security Manager enabled.
>> 3. Changing the `java` command to exit with a fatal error if a Security 
>> Manager is enabled.
>> 4. Removing the hotspot native code for the privileged stack walk and the 
>> inherited access control context. The remaining hotspot code and tests 
>> related to the Security Manager will be removed immediately after 
>> integration - see [JDK-8341916](https://bugs.openjdk.org/browse/JDK-8341916).
>> 5. Removing or modifying hundreds of tests. Many tests that tested Security 
>> Manager behavior are no longer relevant and thus have been removed or 
>> modified.
>> 
>> There are a handful of Security Manager related tests that are failing and 
>> are at the end of the `test/jdk/ProblemList.txt`, 
>> `test/langtools/ProblemList.txt` and `test/hotspot/jtreg/ProblemList.txt` 
>> files - these will be removed or separate bugs will be filed before 
>> integrating this PR. 
>> 
>> Inside the JDK, we have retained calls to 
>> `SecurityManager::getSecurityManager` and `AccessController::doPrivileged` 
>> for now, as these methods have been degraded to behave the same as they did 
>> in JDK 23 with no Security Manager enabled. After we integrate this JEP, 
>> those calls will be removed in each area (client-libs, core-libs, security, 
>> etc).
>> 
>> I don't expect each reviewer to review all the code changes in this JEP. 
>> Rather, I advise that you only focus on the changes for the area 
>> (client-libs, core-libs, net, ...
>
> Sean Mullan has updated the pull request with a new target base due to a 
> merge or a rebase. The pull request now contains 200 commits:
> 
>  - Merge remote-tracking branch 'jdk-sandbox/jep486' into JDK-8338411
>  - Modify three RMI tests to work without the security manager:
>     - test/jdk/java/rmi/registry/classPathCodebase/ClassPathCodebase.java
>     - test/jdk/java/rmi/registry/readTest/CodebaseTest.java
>     - test/jdk/java/rmi/server/RMIClassLoader/useCodebaseOnly/UseCodebaseOnly.java
>    Also remove them from the problem list.
>  - Remove two obsolete RMI tests:
>     - test/jdk/java/rmi/server/RMIClassLoader/spi/ContextInsulation.java
>     - test/jdk/sun/rmi/transport/tcp/disableMultiplexing/DisableMultiplexing.java
>    Adjust two tests to run without the Security Manager:
>     - test/jdk/java/rmi/server/RMIClassLoader/loadProxyClasses/LoadProxyClasses.java
>     - test/jdk/java/rmi/server/RMIClassLoader/spi/DefaultProperty.java
>    Remove all of these tests from the problem list.
>  - In staticPermissionsOnly(), change "current policy binding" to "current policy"
>    so wording is consistent with the API note that follows.
>  - Added API Notes to ProtectionDomain clarifying that the current policy always
>    grants no permissions. A few other small changes to Policy and PD.
>  - Merge branch 'master' into jep486
>  - JAXP tests: organize imports of a few tests
>  - Improve description of Executors.privilegedThreadFactory
>  - rename TestAppletLoggerContext.java as suggested in util test review
>  - clientlibs: Javadoc cleanup
>  - ... and 190 more: https://git.openjdk.org/jdk/compare/158ae51b...7958ee2b

I looked through the updates to `java.desktop` module and to tests under 
`java/awt`, `javax/sound`, `javax/swing`.

Looks good.

-------------

Marked as reviewed by aivanov (Reviewer).

PR Review: https://git.openjdk.org/jdk/pull/21498#pullrequestreview-2410517684
