Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8199309

[Nestmates] The new Class nestmate methods should have SecurityManager checks

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: repo-valhalla
    • Fix Version/s: repo-valhalla
    • Component/s: core-libs
    • Labels:

      Description

      Mandy writes:

      > I think Class::getNestHost and Class::getNestMembers should do a security
      > permission check as performed in other method e.g. getEnclosingClass.
      >
      > * @throws SecurityException
      > * If a security manager, <i>s</i>, is present and
      > * the caller's class loader is not the same as or an
      > * ancestor of the class loader for the current class and
      > * invocation of {@link SecurityManager#checkPackageAccess
      > * s.checkPackageAccess()} denies access to the package
      > * of this class
      > *

      This seems not completely unreasonable. Should they also be @CallerSensitive?

      But it is contrary to getNestHost()s design of never throwing an exception. So this needs more consideration.

        Attachments

          Activity

            People

            • Assignee:
              dholmes David Holmes
              Reporter:
              dholmes David Holmes
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: