(dropping jdk9-dev. security-libs is the appropriate list to review security permission)
> On Jan 23, 2017, at 1:56 PM, Doug Simon <doug.si...@oracle.com> wrote: > > Both jdk.vm.ci and jdk.vm.compiler require a number of permissions when a > security manager is present. Since neither of these modules is accessible to > application code, it should be ok to give them all permissions. This seems to > be the approach for a number of other modules including > jdk.scripting.nashorn, jdk.dynalink, jdk.jsobject etc. Please review this > small change that configures this proposed permission level. > > http://cr.openjdk.java.net/~dnsimon/8145337/webrev/ > https://bugs.openjdk.java.net/browse/JDK-8145337 jdk.vm.compiler is defined by the application class loader and it’s used by AOT tool. I wonder why it has to run with security manager. You can reference JDK tools such as jdk.compiler and jdk.jlink that are not granted with any permission. Mandy
