Bug 46773 - [METABUG] Calling Policy.setPolicy with a new Policy object has no effect on the DefaultSecurityManager
Summary: [METABUG] Calling Policy.setPolicy with a new Policy object has no effect on ...
Status: RESOLVED FIXED
Alias: None
Product: classpath
Classification: Unclassified
Component: classpath (show other bugs)
Version: 0.98
: P3 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords:
Depends on: 46774 46775
Blocks:
  Show dependency treegraph
 
Reported: 2010-12-03 00:29 UTC by Andrew John Hughes
Modified: 2010-12-20 20:58 UTC (History)
0 users

See Also:
Host:
Target:
Build:
Known to work:
Known to fail:
Last reconfirmed:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew John Hughes 2010-12-03 00:29:12 UTC
As shown by running this new Mauve test:

http://sources.redhat.com/cgi-bin/cvsweb.cgi/mauve/gnu/testlet/java/security/Policy/setPolicy.java?rev=1.1&content-type=text/x-cvsweb-markup&cvsroot=mauve

calling setPolicy has no effect on the default SecurityManager implementation provided by GNU Classapath.

This is because VMAccessController creates ProtectionDomain objects using the two argument constructor which uses static permissions.  The four argument constructor should be used instead so the policy is consulted.

Fixing this requires changes in a VM class which seems to have local copies in most Classpath VMs (at least CACAO, gij and jamvm).  This metabug thus tracks fixing the issue separately in both gcj and Classpath's reference copy.
Comment 1 Andrew John Hughes 2010-12-20 20:40:00 UTC
Patched in both GNU Classpath and JamVM.

Reported to:

* CACAO: http://server.complang.tuwien.ac.at/cgi-bin/bugzilla/show_bug.cgi?id=152
* JamVM
Comment 2 Andrew John Hughes 2010-12-20 20:40:54 UTC
Above should say 'Patched in both GNU Classpath and GCJ' :-)