Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8159526

Deprivilege jdk.httpserver

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: 9, 10
    • Fix Version/s: 10
    • Component/s: core-libs
    • Labels:
    • Subcomponent:
    • Resolved In Build:
      b25

      Description

      jdk.httpserver should be moved to the platform class loader and granted with specific permission.

      Moving to the platform class loader is trivial:

      diff --git a/make/common/Modules.gmk b/make/common/Modules.gmk
      --- a/make/common/Modules.gmk
      +++ b/make/common/Modules.gmk
      @@ -59,7 +59,6 @@
           java.security.sasl \
           java.xml \
           java.xml.crypto \
      - jdk.httpserver \
           jdk.management \
           jdk.net \
           jdk.sctp \
      @@ -111,6 +110,7 @@
           jdk.crypto.ec \
           jdk.crypto.pkcs11 \
           jdk.dynalink \
      + jdk.httpserver \
           jdk.jsobject \
           jdk.xml.dom \
           jdk.localedata \

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              vtewari Vyom Tewari
              Reporter:
              mchung Mandy Chung
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: