RFR:8159526 Deprivilege jdk.httpserver
sean.mullan at oracle.com
Tue Sep 12 15:46:04 UTC 2017
On 9/12/17 4:06 AM, vyom tewari wrote:
> Please review the below code change.
> BugId: https://bugs.openjdk.java.net/browse/JDK-8159526
> Webrev-1: http://cr.openjdk.java.net/~vtewari/8159526/jdk/webrev/index.html
Can you put the entry for jdk.httpserver after jdk.dynalink so you
maintain the alphabetical ordering?
Also, are there any tests for the jdk.httpserver module that use the
SecurityManager? It would be good to have at least one test that checks
that it properly gets granted AllPermission when doing something
security-sensitive (it seems like nothing should go wrong, but ...).
> Code change will De-privilege jdk.httpserver, we gave "jdk.httpserver"
> all permission for now.
More information about the core-libs-dev