On 10/9/17 3:55 AM, Alan Bateman wrote:
On 05/10/2017 00:05, Vladimir Kozlov wrote:
https://bugs.openjdk.java.net/browse/JDK-8188775
Changes for 8182701[1] missed changes in default.policy for new module
jdk.internal.vm.compiler.management.
Add missing code:
src/java.base/share/lib/security/default.policy
@@ -154,6 +154,10 @@
permission java.security.AllPermission;
};
+grant codeBase "jrt:/jdk.internal.vm.compiler.management" {
+ permission java.security.AllPermission;
+};
+
This looks okay to me although it would be nice if we could identify the
minimal permissions rather than granting it AllPermission.
+1.
Is there any reason you did not just grant it RuntimePermission
"accessClassInPackage.org.graalvm.compiler.hotspot"?
I see you have already pushed the fix, so I would recommend opening
another issue to only grant the required permissions to the
jdk.internal.vm.compiler.management module.
Thanks,
Sean
