< prev index next >
src/java.base/share/classes/jdk/internal/loader/BuiltinClassLoader.java
Print this page
rev 56007 : 8229773: Resolve permissions for code source URLs lazily
Reviewed-by: alanb, mullan, rriggs, dfuchs
@@ -23,12 +23,10 @@
* questions.
*/
package jdk.internal.loader;
-import java.io.File;
-import java.io.FilePermission;
import java.io.IOException;
import java.io.InputStream;
import java.lang.module.ModuleDescriptor;
import java.lang.module.ModuleReference;
import java.lang.module.ModuleReader;
@@ -38,11 +36,10 @@
import java.net.URL;
import java.nio.ByteBuffer;
import java.security.AccessController;
import java.security.CodeSigner;
import java.security.CodeSource;
-import java.security.Permission;
import java.security.PermissionCollection;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.SecureClassLoader;
@@ -63,10 +60,11 @@
import jdk.internal.access.SharedSecrets;
import jdk.internal.misc.VM;
import jdk.internal.module.ModulePatcher.PatchedModuleReader;
import jdk.internal.module.Resources;
import jdk.internal.vm.annotation.Stable;
+import sun.security.util.LazyCodeSourcePermissionCollection;
/**
* The platform or application class loader. Resources loaded from modules
* defined to the boot class loader are also loaded via an instance of this
@@ -964,42 +962,12 @@
/**
* Returns the permissions for the given CodeSource.
*/
@Override
protected PermissionCollection getPermissions(CodeSource cs) {
- PermissionCollection perms = super.getPermissions(cs);
-
- // add the permission to access the resource
- URL url = cs.getLocation();
- if (url == null)
- return perms;
-
- // avoid opening connection when URL is to resource in run-time image
- if (url.getProtocol().equals("jrt")) {
- perms.add(new RuntimePermission("accessSystemModules"));
- return perms;
- }
-
- // open connection to determine the permission needed
- try {
- Permission p = url.openConnection().getPermission();
- if (p != null) {
- // for directories then need recursive access
- if (p instanceof FilePermission) {
- String path = p.getName();
- if (path.endsWith(File.separator)) {
- path += "-";
- p = new FilePermission(path, "read");
+ return new LazyCodeSourcePermissionCollection(super.getPermissions(cs), cs);
}
- }
- perms.add(p);
- }
- } catch (IOException ioe) { }
-
- return perms;
- }
-
// -- miscellaneous supporting methods
/**
* Returns the ModuleReader for the given module, creating it if needed.
< prev index next >