On 10/09/2018 21:37, Jonathan Gibbons wrote:
Please review a patch to have the Source Launcher be able to work when
a security manager is enabled.
It's not clear to me that this is an interesting use-case but in any
case I think you've got two scenarios to test. One is setting
java.security.manager on the command line, the other is the launched
code's main method calling System.setSecurityManager which amounts to
setting a security manager in a running VM. You might want to add a test
case for the latter.
Is there any way (spi.ToolProvider or some means) for untrusted code to
indirectly run the source launcher? This question is important because
the updated source launcher could be abused to probe anywhere on the
file system.
What are the implications for uses of javax.tools and
com.sun.tools.javac.Main in code running with a security manager? Maybe
that is a separate project but I would have expected to see privileged
blocks in places that need permissions.
-Alan
