> On Jun 16, 2017, at 1:25 PM, Sean Mullan <[email protected]> wrote: > > On 6/16/17 11:13 AM, Mandy Chung wrote: >>> On Jun 16, 2017, at 8:00 AM, Sean Mullan <[email protected]> wrote: >>> >>> Please review this clarification to the SecurityManager::checkPackageAccess >>> method to note that the method may be called by the Virtual Machine when >>> loading classes: >>> >>> http://cr.openjdk.java.net/~mullan/webrevs/8181295/webrev.00/ >>> >>> A small correction was also made to the checkPackageDefinition method to >>> note that it may be called by the defineClass (and not the loadClass) >>> method of class loaders. >> checkPackageDefinition is always a question for me and it’s not called in >> the JDK implementation. Is there any test verifying that (i.e. called from >> defineClass)? >> I’m okay to change “is” to “may” in checkPackageDefinition in this patch. I >> can’t validate this spec change. I suggest to separate this from >> JDK-8181295 and follow up in a future release. > > Ok, that's fine. Instead of changing the wording, I would prefer to revert > the change to checkPackageDefinition and file a new issue to address that > separately in a subsequent release as it is not as critical and not > specifically related to this issue.
That’s fine with me. Approved. I don’t need an updated webrev. Mandy
