Review request JDK-8165180: Provide a shared secret to access non-public ServerSocket constructor
mandy.chung at oracle.com
Fri Sep 2 15:30:24 UTC 2016
Constructor::newInstance is a caller-sensitive method that performs the security check when the caller is not the same class loader as implClass’s class loader or not its ancestor.
In this case the caller class is ServerSocket and its class loader is the bootstrap class loader is privileged (an ancestor of any loader).
> On Sep 2, 2016, at 6:42 AM, Peter Levart <peter.levart at gmail.com> wrote:
> Hi Many,
> Are you sure the implementation class passed to JavaNetSocketAccess.newSocketImpl(Class<? extends SocketImpl> implClass) is never going to be loaded by a class loader other than bootstrap classloader (the loader of the caller of implClass.getDeclaredConstructor()) and that no unprivileged code will be on the call stack at that time? Do you need to enclose this invocation into doPrivileged() block or do you expect that the caller of JavaNetSocketAccess.newSocketImpl() will do that?
> Regards, Peter
> On 08/31/2016 10:48 PM, Mandy Chung wrote:
>> This patch introduces JavaNetSocketAccess to allow access to non-public ServerSocket constructor that is accessed by some other area as a clean up.
More information about the net-dev