ForkJoinPool threads - enable Permission support for SM. #28
Comments
|
Note the common pool and default ForkJoinWorkerThreadFactory will remain unchanged, with no permissions, any worker tasks submitted to the common pool will be unable to load classes (from jar files that haven't yet loaded) or perform serialization etc. |
|
Working on solving test failures in jtreg:test/jdk/java/util/concurrent/tck/JSR166TestCase.java I've found that relying on a provider for permission checks is not a good idea, as failure to resolve the provider can be difficult to diagnose, with missing permissions. ForkJoinPool worker threads are impacted by LoadClassPermission and SerialObjectPermission as these cannot obtain privileges by policy. |
|
Note this also includes fixes to ForkJoinPool tests that failed due to the introduction of LoadClassPermission and SerialObjectPermission. |
ForkJoinPool's worker threads have no permissions when run with SecurityManager enabled, this would have made sense with the poor performance of the Policy provider implementation, however this means it's not possible to grant LoadClassPermission or SerialObjectPermission.
CombinerSecurityManager has a non blocking cache, storing the AccessControlContext permission result means that repeated permission checks don't occur.
The text was updated successfully, but these errors were encountered: