Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8066640

clarify security checks in ObjectInputStream.enableResolveObject and ObjectOutputStream.enableReplaceObject

    Details

    • Subcomponent:
    • Resolved In Build:
      b162
    • CPU:
      generic
    • OS:
      generic
    • Verification:
      Not verified

      Backports

        Description

        The specification for this method is as follows, in part:

        ==========
        protected boolean enableReplaceObject(boolean enable) throws SecurityException

        ...

        If enable is true, and there is a security manager installed, this method first calls the security manager's checkPermission method....
        ==========

        This does not match the implementation. The implementation will only issue the security check if object replacement is not enabled and enableReplaceObject(true) is called.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  smarks Stuart Marks
                  Reporter:
                  smarks Stuart Marks
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  6 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: