--- old/test/lib/jdk/test/lib/Platform.java 2018-08-31 11:36:27.000000000 -0700 +++ new/test/lib/jdk/test/lib/Platform.java 2018-08-31 11:36:27.000000000 -0700 @@ -31,20 +31,24 @@ import java.util.Objects; import java.util.regex.Pattern; import java.util.stream.Collectors; +import java.security.AccessController; +import java.security.PrivilegedAction; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; public class Platform { - public static final String vmName = System.getProperty("java.vm.name"); - public static final String vmInfo = System.getProperty("java.vm.info"); - private static final String osVersion = System.getProperty("os.version"); + public static final String vmName = AccessController.doPrivileged((PrivilegedAction) () -> System.getProperty("java.vm.name")); + public static final String vmInfo = AccessController.doPrivileged((PrivilegedAction) () -> System.getProperty("java.vm.info")); + private static final String osVersion = AccessController.doPrivileged((PrivilegedAction) () -> System.getProperty("os.version")); private static int osVersionMajor = -1; private static int osVersionMinor = -1; - private static final String osName = System.getProperty("os.name"); - private static final String dataModel = System.getProperty("sun.arch.data.model"); - private static final String vmVersion = System.getProperty("java.vm.version"); - private static final String jdkDebug = System.getProperty("jdk.debug"); - private static final String osArch = System.getProperty("os.arch"); - private static final String userName = System.getProperty("user.name"); - private static final String compiler = System.getProperty("sun.management.compiler"); + private static final String osName = AccessController.doPrivileged((PrivilegedAction) () -> System.getProperty("os.name")); + private static final String dataModel = AccessController.doPrivileged((PrivilegedAction) () -> System.getProperty("sun.arch.data.model")); + private static final String vmVersion = AccessController.doPrivileged((PrivilegedAction) () -> System.getProperty("java.vm.version")); + private static final String jdkDebug = AccessController.doPrivileged((PrivilegedAction) () -> System.getProperty("jdk.debug")); + private static final String osArch = AccessController.doPrivileged((PrivilegedAction) () -> System.getProperty("os.arch")); + private static final String userName = AccessController.doPrivileged((PrivilegedAction) () -> System.getProperty("user.name")); + private static final String compiler = AccessController.doPrivileged((PrivilegedAction) () -> System.getProperty("sun.management.compiler")); public static boolean isClient() { return vmName.endsWith(" Client VM"); @@ -254,10 +258,15 @@ // SELinux deny_ptrace: File deny_ptrace = new File("/sys/fs/selinux/booleans/deny_ptrace"); if (deny_ptrace.exists()) { - try (RandomAccessFile file = new RandomAccessFile(deny_ptrace, "r")) { + try (RandomAccessFile file = AccessController.doPrivileged( + (PrivilegedExceptionAction) () -> new RandomAccessFile(deny_ptrace, "r"))) { if (file.readByte() != '0') { return false; } + } catch (PrivilegedActionException e) { + @SuppressWarnings("unchecked") + IOException t = (IOException) e.getException(); + throw t; } } @@ -268,7 +277,8 @@ // 3 - no attach: no processes may use ptrace with PTRACE_ATTACH File ptrace_scope = new File("/proc/sys/kernel/yama/ptrace_scope"); if (ptrace_scope.exists()) { - try (RandomAccessFile file = new RandomAccessFile(ptrace_scope, "r")) { + try (RandomAccessFile file = AccessController.doPrivileged( + (PrivilegedExceptionAction) () -> new RandomAccessFile(ptrace_scope, "r"))) { byte yama_scope = file.readByte(); if (yama_scope == '3') { return false; @@ -277,6 +287,10 @@ if (!userName.equals("root") && yama_scope != '0') { return false; } + } catch (PrivilegedActionException e) { + @SuppressWarnings("unchecked") + IOException t = (IOException) e.getException(); + throw t; } } // Otherwise expect to be permitted: