< prev index next >
src/java.base/share/classes/jdk/internal/loader/BuiltinClassLoader.java
Print this page
rev 56007 : 8229773: Resolve permissions for code source URLs lazily
Reviewed-by: alanb, mullan, rriggs, dfuchs
*** 23,34 ****
* questions.
*/
package jdk.internal.loader;
- import java.io.File;
- import java.io.FilePermission;
import java.io.IOException;
import java.io.InputStream;
import java.lang.module.ModuleDescriptor;
import java.lang.module.ModuleReference;
import java.lang.module.ModuleReader;
--- 23,32 ----
*** 38,48 ****
import java.net.URL;
import java.nio.ByteBuffer;
import java.security.AccessController;
import java.security.CodeSigner;
import java.security.CodeSource;
- import java.security.Permission;
import java.security.PermissionCollection;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.SecureClassLoader;
--- 36,45 ----
*** 63,72 ****
--- 60,70 ----
import jdk.internal.access.SharedSecrets;
import jdk.internal.misc.VM;
import jdk.internal.module.ModulePatcher.PatchedModuleReader;
import jdk.internal.module.Resources;
import jdk.internal.vm.annotation.Stable;
+ import sun.security.util.LazyCodeSourcePermissionCollection;
/**
* The platform or application class loader. Resources loaded from modules
* defined to the boot class loader are also loaded via an instance of this
*** 964,1005 ****
/**
* Returns the permissions for the given CodeSource.
*/
@Override
protected PermissionCollection getPermissions(CodeSource cs) {
! PermissionCollection perms = super.getPermissions(cs);
!
! // add the permission to access the resource
! URL url = cs.getLocation();
! if (url == null)
! return perms;
!
! // avoid opening connection when URL is to resource in run-time image
! if (url.getProtocol().equals("jrt")) {
! perms.add(new RuntimePermission("accessSystemModules"));
! return perms;
! }
!
! // open connection to determine the permission needed
! try {
! Permission p = url.openConnection().getPermission();
! if (p != null) {
! // for directories then need recursive access
! if (p instanceof FilePermission) {
! String path = p.getName();
! if (path.endsWith(File.separator)) {
! path += "-";
! p = new FilePermission(path, "read");
}
- }
- perms.add(p);
- }
- } catch (IOException ioe) { }
-
- return perms;
- }
-
// -- miscellaneous supporting methods
/**
* Returns the ModuleReader for the given module, creating it if needed.
--- 962,973 ----
/**
* Returns the permissions for the given CodeSource.
*/
@Override
protected PermissionCollection getPermissions(CodeSource cs) {
! return new LazyCodeSourcePermissionCollection(super.getPermissions(cs), cs);
}
// -- miscellaneous supporting methods
/**
* Returns the ModuleReader for the given module, creating it if needed.
< prev index next >