AOT tool jaotc does not run with SecurityManager. We assume it runs in secure
environment and it does not access any external resources.
Thanks
Vladimir
> On Feb 1, 2017, at 12:03 PM, Doug Simon wrote:
>
>
>> On 1 Feb 2017, at 20:54, Sean Mullan
> On 1 Feb 2017, at 22:19, Vladimir Kozlov wrote:
>
> AOT tool jaotc does not run with SecurityManager. We assume it runs in secure
> environment and it does not access any external resources.
Great.
Can I now consider this change reviewed and integrate it?
-Doug
> On 1 Feb 2017, at 20:54, Sean Mullan wrote:
>
> Couple of comments:
>
> - jdk.vm.ci is already loaded by the boot loader so it is implicitly granted
> AllPermission and does not need an entry in default.policy.
Thanks - I removed it.
> - all internal APIs in the
I’ve reworked the webrev as requested to make jdk.vm.compiler a non-upgradeable
platform module, this allowing it to be mentioned in default.policy:
http://cr.openjdk.java.net/~dnsimon/8145337/
-Doug
> On 30 Jan 2017, at 22:53, Mandy Chung wrote:
>
>>
>> On Jan 30,
> On 30 Jan 2017, at 21:55, Mandy Chung wrote:
>
>
>> On Jan 30, 2017, at 10:38 AM, Doug Simon wrote:
>>
>> I’ve extended the webrev with that change - please re-review:
>>
>> http://cr.openjdk.java.net/~dnsimon/8145337_make/webrev
>>
>
> +1
On 02/02/2017 02:12, Mandy Chung wrote:
On Feb 1, 2017, at 3:07 AM, Doug Simon wrote:
I’ve reworked the webrev as requested to make jdk.vm.compiler a non-upgradeable
platform module, this allowing it to be mentioned in default.policy:
On 2/1/17 4:27 PM, Doug Simon wrote:
Can I now consider this change reviewed and integrate it?
Yes.
--Sean
Couple of comments:
- jdk.vm.ci is already loaded by the boot loader so it is implicitly
granted AllPermission and does not need an entry in default.policy.
- all internal APIs in the jdk.vm.compiler module will now be restricted
by default by SecurityManager::checkPackageAccess(), so if you
> On Jan 30, 2017, at 1:36 PM, Doug Simon wrote:
>
>
>> On 30 Jan 2017, at 21:55, Mandy Chung wrote:
>>
>>
>>> On Jan 30, 2017, at 10:38 AM, Doug Simon wrote:
>>>
>>> I’ve extended the webrev with that change - please