Hi, JDK-8235351 is backported to 11.0.11-oracle. I'd like to backport it for parity. Change doesn't apply cleanly, because https://bugs.openjdk.java.net/browse/JDK-8233527 is not in 11u (jdk14 uses hasFullPrivilegeAccess(), but older versions use hasPrivateAccess()).
Bug: https://bugs.openjdk.java.net/browse/JDK-8235351 Original change: https://hg.openjdk.java.net/jdk/jdk/rev/4437d58547ce 11u backport: http://cr.openjdk.java.net/~mdoerr/8235351_methodhandles_11u/webrev.00/ This is the adaptation: diff -r a670e0826a66 src/java.base/share/classes/java/lang/invoke/MethodHandles.java --- a/src/java.base/share/classes/java/lang/invoke/MethodHandles.java Fri Dec 06 15:10:40 2019 -0800 +++ b/src/java.base/share/classes/java/lang/invoke/MethodHandles.java Fri Dec 18 18:01:25 2020 +0100 @@ -2074,8 +2074,8 @@ * Otherwise, if m is caller-sensitive, throw IllegalAccessException. */ Lookup findBoundCallerLookup(MemberName m) throws IllegalAccessException { - if (MethodHandleNatives.isCallerSensitive(m) && !hasFullPrivilegeAccess()) { - // Only lookups with full privilege access are allowed to resolve caller-sensitive methods + if (MethodHandleNatives.isCallerSensitive(m) && !hasPrivateAccess()) { + // Only lookups with private access are allowed to resolve caller-sensitive methods throw new IllegalAccessException("Attempt to lookup caller-sensitive method using restricted lookup object"); } return this; @@ -2335,9 +2335,9 @@ if (boundCaller.allowedModes == TRUSTED || !MethodHandleNatives.isCallerSensitive(method)) return mh; - // boundCaller must have full privilege access. + // boundCaller must have private access. // It should have been checked by findBoundCallerLookup. Safe to check this again. - if (!boundCaller.hasFullPrivilegeAccess()) + if (!boundCaller.hasPrivateAccess()) throw new IllegalAccessException("Attempt to lookup caller-sensitive method using restricted lookup object"); MethodHandle cbmh = MethodHandleImpl.bindCaller(mh, boundCaller.lookupClass); Please review. Best regards, Martin