On Thu, 16 Jun 2022 07:08:20 GMT, Johannes Kuhn <jk...@openjdk.org> wrote:

> * This adds additional permissions to the jdk.random module 
> (`RuntimePermission "accessClassInPackage.jdk.internal.util.random"`)
> * The annotations of the provider classes are now parsed early.  
>   This avoids putting the parts that can trigger the parsing into an 
> `AccessController.doPrivileged()` block.
> * If a `SecurityManager` is installed, `RandomGeneratorFactory.all()` will 
> only return `RandomGenerator`s that are loaded by a system domain loader.  
>   This avoids parsing annotations of user classes from a privileged context.

src/java.base/share/classes/java/util/random/RandomGeneratorFactory.java line 
170:

> 168:                     .filter(p -> 
> !p.type().isAnnotationPresent(Deprecated.class) &&
> 169:                             
> p.type().isAnnotationPresent(RandomGeneratorProperties.class))
> 170:                     .toList();

Hello Johannes, I haven't yet fully grasped this change, so a few questions:

1. Does this change now mean that in the presence of a SecurityManager, the 
`RandomGeneratorFactory.all()` method will no longer return instances of 
`RandomGeneratorFactory` which belong to the application's classloader (those 
added as Service provider implementations of that interface within the 
application's jar for example)? Would that then contradict the expectations of 
the `RandomGeneratorFactory.all()` API and is there any other way to obtain 
those application specific implementations?
2. I see that this patch now calls `VM.isSystemDomainLoader` in the presence of 
the SecurityManager. That method implementation internally calls 
`ClassLoader.getPlatformClassLoader()` which has SecurityManager checks for the 
`RuntimePermission` for `getClassLoader` permission. Does this call then have 
to be in a privileged block?
3. Is this entire issue specific only to the `RandomGeneratorFactory.all()` 
method? For example, I see that there are some other methods which also use the 
ServiceProvider API to find the relevant provider implementation and there's 
also an `isDeprecated` method which checks for the presence of an annotation on 
the provider's implementation. Are those methods affected too?
4.

-------------

PR: https://git.openjdk.org/jdk/pull/9180

Reply via email to