< prev index next >

src/java.base/share/classes/jdk/internal/loader/BuiltinClassLoader.java

Print this page
rev 56007 : 8229773: Resolve permissions for code source URLs lazily
Reviewed-by: alanb, mullan, rriggs, dfuchs

*** 23,34 **** * questions. */ package jdk.internal.loader; - import java.io.File; - import java.io.FilePermission; import java.io.IOException; import java.io.InputStream; import java.lang.module.ModuleDescriptor; import java.lang.module.ModuleReference; import java.lang.module.ModuleReader; --- 23,32 ----
*** 38,48 **** import java.net.URL; import java.nio.ByteBuffer; import java.security.AccessController; import java.security.CodeSigner; import java.security.CodeSource; - import java.security.Permission; import java.security.PermissionCollection; import java.security.PrivilegedAction; import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import java.security.SecureClassLoader; --- 36,45 ----
*** 63,72 **** --- 60,70 ---- import jdk.internal.access.SharedSecrets; import jdk.internal.misc.VM; import jdk.internal.module.ModulePatcher.PatchedModuleReader; import jdk.internal.module.Resources; import jdk.internal.vm.annotation.Stable; + import sun.security.util.LazyCodeSourcePermissionCollection; /** * The platform or application class loader. Resources loaded from modules * defined to the boot class loader are also loaded via an instance of this
*** 964,1005 **** /** * Returns the permissions for the given CodeSource. */ @Override protected PermissionCollection getPermissions(CodeSource cs) { ! PermissionCollection perms = super.getPermissions(cs); ! ! // add the permission to access the resource ! URL url = cs.getLocation(); ! if (url == null) ! return perms; ! ! // avoid opening connection when URL is to resource in run-time image ! if (url.getProtocol().equals("jrt")) { ! perms.add(new RuntimePermission("accessSystemModules")); ! return perms; ! } ! ! // open connection to determine the permission needed ! try { ! Permission p = url.openConnection().getPermission(); ! if (p != null) { ! // for directories then need recursive access ! if (p instanceof FilePermission) { ! String path = p.getName(); ! if (path.endsWith(File.separator)) { ! path += "-"; ! p = new FilePermission(path, "read"); } - } - perms.add(p); - } - } catch (IOException ioe) { } - - return perms; - } - // -- miscellaneous supporting methods /** * Returns the ModuleReader for the given module, creating it if needed. --- 962,973 ---- /** * Returns the permissions for the given CodeSource. */ @Override protected PermissionCollection getPermissions(CodeSource cs) { ! return new LazyCodeSourcePermissionCollection(super.getPermissions(cs), cs); } // -- miscellaneous supporting methods /** * Returns the ModuleReader for the given module, creating it if needed.
< prev index next >