Re: JPMS Access Checks, Verification and the Security Manager

2017-05-23 Thread Sean Mullan
On 5/23/17 10:44 AM, Volker Simonis wrote: The other question is if '--add-exports' should implicitly grant the corresponding security permissions? I understand that package/class visibility and security checks are somewhat orthogonal concepts so I tend to agree with the current functionality

Re: RFR: 8145337: [JVMCI] JVMCI initialization with SecurityManager installed fails: java.security.AccessControlException: access denied

2017-02-01 Thread Sean Mullan
On 2/1/17 4:27 PM, Doug Simon wrote: Can I now consider this change reviewed and integrate it? Yes. --Sean

Re: RFR: 8145337: [JVMCI] JVMCI initialization with SecurityManager installed fails: java.security.AccessControlException: access denied

2017-02-01 Thread Sean Mullan
Couple of comments: - jdk.vm.ci is already loaded by the boot loader so it is implicitly granted AllPermission and does not need an entry in default.policy. - all internal APIs in the jdk.vm.compiler module will now be restricted by default by SecurityManager::checkPackageAccess(), so if you

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

2016-11-07 Thread Sean Mullan
was sure it would not strip the signature from my JAR file. Best to rename it to avoid confusion. --Sean -Sundar On 11/7/2016 9:36 PM, Sean Mullan wrote: On 11/7/16 9:13 AM, Jim Laskey (Oracle) wrote: The bug https://bugs.openjdk.java.net/browse/JDK-8159393 <https://bugs.openjdk.java.

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

2016-11-07 Thread Sean Mullan
On 11/7/16 9:13 AM, Jim Laskey (Oracle) wrote: The bug https://bugs.openjdk.java.net/browse/JDK-8159393 is really about warning developers that their image does not support signing. If they are okay with that then they can override with

Re: Strange test failure when referencing a class in a deprivileged module

2016-07-06 Thread Sean Mullan
On 07/06/2016 04:51 AM, Alan Bateman wrote: On 06/07/2016 05:32, Weijun Wang wrote: On 7/5/2016 23:50, Mandy Chung wrote: Max - are you running the test with exploded image (see JDK-8155858 [1])? No. The test also fails with recent promoted builds (ever since java.sql is de-priveleged). I

Re: RFR 8130302: jarsigner and keytool -providerClass needs be re-examined for modules

2016-02-25 Thread Sean Mullan
On 02/18/2016 03:10 AM, Weijun Wang wrote: There is another compatibility issue which is more important: Today, we tell users to load their own PKCS11 provider with -providerClass sun.security.pkcs11.SunPKCS11 -providerArg some.cfg and seems the new options should be -provider

Re: CFV: New jigsaw Committer: Jean-Francois Denise

2015-09-21 Thread Sean Mullan
Vote: yes --Sean

Re: CFV: New Jigsaw Committer: Harold Seigel

2015-09-18 Thread Sean Mullan
Vote: yes --Sean On 09/11/2015 12:31 PM, Karen Kinnear wrote: I hereby nominate Harold Seigel to Jigsaw Committer. Harold is a member of the hotspot runtime team and a Reviewer on the jdk9 project. Harold has been contributing to Project Jigsaw in the hotspot runtime for over a year,

Re: RFR 8047789: auth.login.LoginContext needs to be updated to work with modules

2015-03-25 Thread Sean Mullan
On 03/21/2015 06:54 AM, Alan Bateman wrote: On 20/03/2015 14:39, Wang Weijun wrote: Please review the code changes at http://cr.openjdk.java.net/~weijun/8047789/webrev.03/ This looks good to me too. It would be good to get the JAAS documentation updated too. Yes, we should update

Re: [9] Review Request: 8072663: Remove the sun.security.acl package which is not used in the JDK

2015-02-17 Thread Sean Mullan
Looks fine to me (pending CCC approval). --Sean On 02/17/2015 03:59 PM, Jason Uh wrote: Please review this fix, which removes the sun.security.acl package. webrev: http://cr.openjdk.java.net/~juh/8072663/00/ jbs: http://bugs.openjdk.java.net/browse/JDK-8072663 The sun.security.acl package is

Re: Review request 8069551: Move java.security.acl from compact3 to java.base

2015-01-29 Thread Sean Mullan
Looks fine to me. --Sean On 01/29/2015 03:58 PM, Mandy Chung wrote: Webrev at: http://cr.openjdk.java.net/~mchung/jdk9/webrevs/8069551/webrev.00 java.security.acl is superceded by java.security package since 1.2. This patch proposes to move java.security.acl package to java.base module

hg: jigsaw/m2/jdk: 8062346: Drop support for ${java.ext.dirs} from java.policy

2014-11-12 Thread sean . mullan
Changeset: 115d48bc46f9 Author:mullan Date: 2014-11-12 10:23 -0500 URL: http://hg.openjdk.java.net/jigsaw/m2/jdk/rev/115d48bc46f9 8062346: Drop support for ${java.ext.dirs} from java.policy Reviewed-by: mchung ! src/java.base/share/classes/sun/security/provider/PolicyFile.java !