RFR[10]:8159526 Deprivilege jdk.httpserver

Sean Mullan sean.mullan at oracle.com
Tue Sep 12 15:46:04 UTC 2017

On 9/12/17 4:06 AM, vyom tewari wrote:
> Hi,
> Please review the below code change.
> BugId: https://bugs.openjdk.java.net/browse/JDK-8159526
> Webrev-1: http://cr.openjdk.java.net/~vtewari/8159526/jdk/webrev/index.html

Can you put the entry for jdk.httpserver after jdk.dynalink so you 
maintain the alphabetical ordering?

Also, are there any tests for the jdk.httpserver module that use the 
SecurityManager? It would be good to have at least one test that checks 
that it properly gets granted AllPermission when doing something 
security-sensitive (it seems like nothing should go wrong, but ...).


> Webrev-2: 
> http://cr.openjdk.java.net/~vtewari/8159526/root/webrev/index.html
> Code change will De-privilege jdk.httpserver, we gave "jdk.httpserver" 
> all permission for now.
> Thanks,
> Vyom

More information about the core-libs-dev mailing list