river-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Firmstone <j...@zeus.net.au>
Subject Re: [jira] [Commented] (RIVER-444) Extract classdep and other tools to a separate project and upgrade to JDK1.8
Date Sun, 21 Dec 2014 01:14:15 GMT
One issue with ProfilingSecurityManager is it depends on private state 
of jvm classes and it uses reflection to access it.  This has always 
bothered me, but I never did anything about it.

We can create a new DebugSecurityManager that extends 
CombinerSecurityManager that performs the same task using only public 
api, this would fit into the runtime tools component.

The reason for the existance of this SecurityManager, is not all 
ProtectionDomain's in the AccessControlContext consult the installed 
policy during a permission check.  Some Protec tionDomain's are given 
their permissions during construction, by consulting the policy at the 
time of their instantiation, however they never again consult the policy 
(depending on the ProtectionDomain constructor used), so using 
DebugDynamicPolicyProvider, we don't know the execution context when 
they requrie these permissions.

Something else to be aware of, is lazy class initialization may alter 
when a ProtectionDomain appears in the AccessControlContext, different 
jvm versions, subtle library or application code revisions or even state 
may determine when classes are initialized by the jvm.

For example, there are occassions when I've had to change policy files 
in the test suite between Java 1.4, 5 and 6 due to changes in the 
execution context.

Cheers,

Peter.

On 15/12/2014 4:39 AM, Greg Trasuk (JIRA) wrote:
>      [ https://issues.apache.org/jira/browse/RIVER-444?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14246047#comment-14246047
]
>
> Greg Trasuk commented on RIVER-444:
> -----------------------------------
>
> ProfilingSecurityManager was removed from the production branch as part of a cleanup
of license headers (it wasn't developed as part of River):
>
> <--Begin commit message -->
> URL: http://svn.apache.org/r1540532 Log: Added Apache license header to
> com.sun.jini.jeri.internal.runtime.SequenceEntry.java (It was part of the
> original code donation).
>
> Remove com.sun.jini.tool.ProfilingSecurityManager. Although its license was
> compatible with AL2.0, it wasn't original to Jini, and it is readily available
> on the web.
> <-- End commit message -->
>


Mime
View raw message