archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 14:54:52 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

6899533: SecureClassLoader and URLClassLoader have unnecessary check for createClassLoader permission

Browse source 
Remove code that is no longer necessary now that pre-JDK 1.2 SecurityManager methods are not supported.

Reviewed-by: mchung
This commit is contained in:
Sean Mullan 2018-09-07 08:02:51 -04:00
parent 052a740695
commit 59d3b2ccfa
2 changed files with 2 additions and 70 deletions
Download patch file Download diff file Expand all files Collapse all files

37
src/java.base/share/classes/java/net/URLClassLoader.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -111,11 +111,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
*/ */
public URLClassLoader(URL[] urls, ClassLoader parent) { public URLClassLoader(URL[] urls, ClassLoader parent) {
super(parent); super(parent);
// this is to make the stack depth consistent with 1.1
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkCreateClassLoader();
}
this.acc = AccessController.getContext(); this.acc = AccessController.getContext();
this.ucp = new URLClassPath(urls, acc); this.ucp = new URLClassPath(urls, acc);
} }
@ -123,11 +118,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
URLClassLoader(String name, URL[] urls, ClassLoader parent, URLClassLoader(String name, URL[] urls, ClassLoader parent,
AccessControlContext acc) { AccessControlContext acc) {
super(name, parent); super(name, parent);
// this is to make the stack depth consistent with 1.1
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkCreateClassLoader();
}
this.acc = acc; this.acc = acc;
this.ucp = new URLClassPath(urls, acc); this.ucp = new URLClassPath(urls, acc);
} }
@ -156,22 +146,12 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
*/ */
public URLClassLoader(URL[] urls) { public URLClassLoader(URL[] urls) {
super(); super();
// this is to make the stack depth consistent with 1.1
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkCreateClassLoader();
}
this.acc = AccessController.getContext(); this.acc = AccessController.getContext();
this.ucp = new URLClassPath(urls, acc); this.ucp = new URLClassPath(urls, acc);
} }
URLClassLoader(URL[] urls, AccessControlContext acc) { URLClassLoader(URL[] urls, AccessControlContext acc) {
super(); super();
// this is to make the stack depth consistent with 1.1
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkCreateClassLoader();
}
this.acc = acc; this.acc = acc;
this.ucp = new URLClassPath(urls, acc); this.ucp = new URLClassPath(urls, acc);
} }
@ -201,11 +181,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
public URLClassLoader(URL[] urls, ClassLoader parent, public URLClassLoader(URL[] urls, ClassLoader parent,
URLStreamHandlerFactory factory) { URLStreamHandlerFactory factory) {
super(parent); super(parent);
// this is to make the stack depth consistent with 1.1
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkCreateClassLoader();
}
this.acc = AccessController.getContext(); this.acc = AccessController.getContext();
this.ucp = new URLClassPath(urls, factory, acc); this.ucp = new URLClassPath(urls, factory, acc);
} }
@ -238,11 +213,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
URL[] urls, URL[] urls,
ClassLoader parent) { ClassLoader parent) {
super(name, parent); super(name, parent);
// this is to make the stack depth consistent with 1.1
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkCreateClassLoader();
}
this.acc = AccessController.getContext(); this.acc = AccessController.getContext();
this.ucp = new URLClassPath(urls, acc); this.ucp = new URLClassPath(urls, acc);
} }
@ -273,11 +243,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
public URLClassLoader(String name, URL[] urls, ClassLoader parent, public URLClassLoader(String name, URL[] urls, ClassLoader parent,
URLStreamHandlerFactory factory) { URLStreamHandlerFactory factory) {
super(name, parent); super(name, parent);
// this is to make the stack depth consistent with 1.1
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkCreateClassLoader();
}
this.acc = AccessController.getContext(); this.acc = AccessController.getContext();
this.ucp = new URLClassPath(urls, factory, acc); this.ucp = new URLClassPath(urls, factory, acc);
} }

35
src/java.base/share/classes/java/security/SecureClassLoader.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -42,12 +42,6 @@ import sun.security.util.Debug;
* @since 1.2 * @since 1.2
*/ */
public class SecureClassLoader extends ClassLoader { public class SecureClassLoader extends ClassLoader {
/*
* If initialization succeed this is set to true and security checks will
* succeed. Otherwise the object is not initialized and the object is
* useless.
*/
private final boolean initialized;
/* /*
* Map that maps the CodeSource to a ProtectionDomain. The key is a * Map that maps the CodeSource to a ProtectionDomain. The key is a
@ -81,12 +75,6 @@ public class SecureClassLoader extends ClassLoader {
*/ */
protected SecureClassLoader(ClassLoader parent) { protected SecureClassLoader(ClassLoader parent) {
super(parent); super(parent);
// this is to make the stack depth consistent with 1.1
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkCreateClassLoader();
}
initialized = true;
} }
/** /**
@ -104,12 +92,6 @@ public class SecureClassLoader extends ClassLoader {
*/ */
protected SecureClassLoader() { protected SecureClassLoader() {
super(); super();
// this is to make the stack depth consistent with 1.1
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkCreateClassLoader();
}
initialized = true;
} }
/** /**
@ -130,11 +112,6 @@ public class SecureClassLoader extends ClassLoader {
*/ */
protected SecureClassLoader(String name, ClassLoader parent) { protected SecureClassLoader(String name, ClassLoader parent) {
super(name, parent); super(name, parent);
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkCreateClassLoader();
}
initialized = true;
} }
/** /**
@ -220,7 +197,6 @@ public class SecureClassLoader extends ClassLoader {
*/ */
protected PermissionCollection getPermissions(CodeSource codesource) protected PermissionCollection getPermissions(CodeSource codesource)
{ {
check();
return new Permissions(); // ProtectionDomain defers the binding return new Permissions(); // ProtectionDomain defers the binding
} }
@ -260,15 +236,6 @@ public class SecureClassLoader extends ClassLoader {
}); });
} }
/*
* Check to make sure the class loader has been initialized.
*/
private void check() {
if (!initialized) {
throw new SecurityException("ClassLoader object not initialized");
}
}
private static class CodeSourceKey { private static class CodeSourceKey {
private final CodeSource cs; private final CodeSource cs;