Hi Attila, Thank you for the comments. I have resolved the bug as "will-not-fix" and added appropriate comments in the bug. So I am taking back this RFR.
Regards, Srinivas ----- Original Message ----- From: szege...@gmail.com To: srinivas.d...@oracle.com Cc: nashorn-dev@openjdk.java.net Sent: Monday, December 11, 2017 4:45:56 PM GMT +05:30 Chennai, Kolkata, Mumbai, New Delhi Subject: Re: RFR: 8134516(Move getInvokeByName and getDynamicInvoker methods from Global to Context) You shouldn't make Global.getContext() public. Context is a security-sensitive class, and the only public access to it is supposed to be through Context.getContext(), which includes a security check. I see you have also simply disabled that security check in your patch. I’m afraid that’s unacceptable. You could make the patch much smaller (and avoid security concerns altogether) if you kept Global.getInvokeByName and Global.getDynamicInvoker methods as they are and have them internally delegate to their new equivalents in Context, adding “this” as the last argument as they do so. This is all in addition to Hannes’ observation with regard to the performance implications in his previous e-mail. Attila. > On Dec 6, 2017, at 4:47 PM, Srinivas Dama <srinivas.d...@oracle.com> wrote: > > Hi, > > Please review http://cr.openjdk.java.net/~sdama/8134516/webrev.01/ for > https://bugs.openjdk.java.net/browse/JDK-8134516 > > Regards, > Srinivas
