Need help with porting stuff out of classDepth

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Need help with porting stuff out of classDepth

Fridrich Strba
Hello, good people,

After removing some deprecated SecurityManager methods in jdk10, I am
trying to build libbluray, but there is this snippet that obviously is
broken with jdk10:

        if (perm instanceof RuntimePermission) {
            if (perm.implies(new
RuntimePermission("createSecurityManager"))) {

                // allow initializing of javax.crypto.JceSecurityManager
                if (classDepth("javax.crypto.JceSecurityManager") < 3) {
                    return;
                }

                deny(perm);
            }
            if (perm.implies(new RuntimePermission("setSecurityManager"))) {
                if (classDepth("org.videolan.Libbluray") == 3) {
                    return;
                }
                deny(perm);
            }

            // work around bug in openjdk 7 / 8
            // sun.awt.AWTAutoShutdown.notifyThreadBusy is missing
doPrivileged()
            // (fixed in jdk9 /
http://hg.openjdk.java.net/jdk9/client/jdk/rev/5b613a3c04be )
            if (classDepth("sun.awt.AWTAutoShutdown") > 0) {
                return;
            }

            if (perm.implies(new RuntimePermission("modifyThreadGroup"))) {
                /* do check here (no need to log failures) */
                super.checkPermission(perm);
            }
        }

Could you please enlighten me how to port it out of the classDepth in a
way that it would work with jdk8 to jdk10?

Cheers

F.




signature.asc (201 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Need help with porting stuff out of classDepth

Alan Bateman
On 18/12/2017 16:28, Fridrich Strba wrote:
> Hello, good people,
>
> After removing some deprecated SecurityManager methods in jdk10, I am
> trying to build libbluray, but there is this snippet that obviously is
> broken with jdk10:
classDepth has been deprecated since 1.2 (1998) so it's surprising to
see a security manager still using it.

It this just old code or is there a good reason why it works this way?
It probably could be modified to use the StackWalker API but it would be
brittle (as it is now). I guess I would have expected to see it calling
checkPermission as it seems to do for the modifyThreadGroup target.

-Alan