On 23/03/2020 19:39, Chris Hegarty wrote:
On 23 Mar 2020, at 19:18, Alan Bateman <alan.bate...@oracle.com
<mailto:alan.bate...@oracle.com>> wrote:
...
Socket(SocketImpl) is only specified to do a permission check when
the impl is non-null. The socket adaptor in JDK 12 and older releases
doesn't have a dummy impl so the change should not be needed. If
there is a security exception thrownhere then it suggests something
may be broken elsewhere, do you have a stack trace?
I suspect that only the ServerSocketAdapter part of the change is
needed, since ServerSocket(SocketImpl) does a security check
regardless of the value of the given SocketImpl.
The old ServerSocketAdapter implementation pre-dates that protected
constructor. I don't have cycles to dig into what is going on in the
update releases but if there is a security exception bring thrown in
either case then it suggests that something is broken elsewhere.
-Alan
