Just thought I'd share some thoughts around a couple of statements in
JEP 411:
*|java.security.{AccessController, AccessControlContext,
AccessControlException, DomainCombiner}|* — The primary APIs for the
access controller, which is the default implementation to which the
Security Ma
Thanks Ron,
What we do now is dynamic, so we need to figure out how to replicate
that post SM. Things we don't grant dynamically are good candidates for
command line argument options.
We basically authenticate, then authorize class loading dynamically at
runtime, along with other things, su
Hello Andrew,
Loss of SM is a significant threat to my software, if left unresolved.
Your interpretations are your own, I make no apologies for your
interpretation. I am describing the difficulties that I am experiencing
with JEP 411 migration and how it applies to my situation, it appears
t
On 3/08/2021 2:25 am, Igor Ignatyev wrote:
On Sat, 31 Jul 2021 20:42:10 GMT, Igor Ignatyev wrote:
Hi all,
could you please review this big tedious and trivial(-ish) patch which moves
`sun.hotspot.WhiteBox` and related classes to `jdk.test.whitebox` package?
the majority of the patch is the
On Wed, 28 Jul 2021 17:13:49 GMT, Igor Ignatyev wrote:
> Hi all,
>
> could you please review this big tedious and trivial(-ish) patch which moves
> `sun.hotspot.WhiteBox` and related classes to `jdk.test.whitebox` package?
>
> the majority of the patch is the following substitutions:
> - `s~s
As described in JDK-8271566 [1], this patch proposal is intended to fix a
problem that arises when using DSA keys that have a 256-bits (or larger) G
parameter for signatures (either signing or verifying). There were some
incorrect assumptions and hard-coded length values in the code before. Plea
On Mon, 2 Aug 2021 15:56:39 GMT, Vladimir Kozlov wrote:
> I agree with these revised changes for JDK 17.
Thanks for your review, Vladimir.
I'll rerun my testing before integrating (just for good luck).
-- Igor
-
PR: https://git.openjdk.java.net/jdk17/pull/290
> Hi all,
>
> could you please review this big tedious and trivial(-ish) patch which moves
> `sun.hotspot.WhiteBox` and related classes to `jdk.test.whitebox` package?
>
> the majority of the patch is the following substitutions:
> - `s~sun/hotspot/WhiteBox~jdk/test/whitebox/WhiteBox~g`
> - `s
On Sat, 31 Jul 2021 20:42:10 GMT, Igor Ignatyev wrote:
>> Hi all,
>>
>> could you please review this big tedious and trivial(-ish) patch which moves
>> `sun.hotspot.WhiteBox` and related classes to `jdk.test.whitebox` package?
>>
>> the majority of the patch is the following substitutions:
>>
On Sat, 31 Jul 2021 20:42:10 GMT, Igor Ignatyev wrote:
>> Hi all,
>>
>> could you please review this big tedious and trivial(-ish) patch which moves
>> `sun.hotspot.WhiteBox` and related classes to `jdk.test.whitebox` package?
>>
>> the majority of the patch is the following substitutions:
>>
On 02/08/2021 11:33, Peter Firmstone wrote:
I think you may be misinterpreting my comment, let me clarify:
Really? I'd suggest only if you stretch the meaning of your words beyond
their elastic limit.
I'm assuming that during the process of removal of security manager, any
external ports or
On 8/2/21 8:49 AM, Peter Firmstone wrote:
> If I fix that bug, will JEP 411 be cancelled?
No. The problem wasn't that we couldn't fix the [Speculative Execution
Vulnerabilities], more that any fix would be so invasive and pervasive
that it would severely hamper the whole platform.
--
Andrew Hale
Hello Andrew,
I think you may be misinterpreting my comment, let me clarify:
I'm assuming that during the process of removal of security manager, any
external ports or process hooks that we can only turn off now by not
granting a permission will be replaced by a command line property or
somet
On 01/08/2021 15:28, Uwe Schindler wrote:
I'm working on the assumption that OpenJDK will close any
external holes currently defended by permission checks. It would
be good if the JDK was secure by default, with properties
required to be set for allowing such things as agents,
management, parsin
Thanks Florian,
1. If I fix that bug, will JEP 411 be cancelled? BTW. Sparc isn't
vulnerable.
2. My primary use case is for SM is for authorization decisions for
remote users and services.
JSR-121: Java Application Isolation API Specification.
http://apt.cs.manchester.ac.uk/intranet/cso
15 matches
Mail list logo