# HG changeset patch
# User smarks
# Date 1435275844 25200
# Node ID ef7d99d1e5311d9f171b743e49392a8fc2271832
# Parent  4428afbe11bdc8cffa76d889a758990e8edabd58
8080688: Service for DGC services
Reviewed-by: skoivu, igerasim, jeff

diff -r 4428afbe11bd -r ef7d99d1e531 jdk/src/java.rmi/share/classes/sun/rmi/transport/DGCImpl.java
--- a/jdk/src/java.rmi/share/classes/sun/rmi/transport/DGCImpl.java	Thu Jun 25 15:00:08 2015 -0500
+++ b/jdk/src/java.rmi/share/classes/sun/rmi/transport/DGCImpl.java	Thu Jun 25 16:44:04 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
  */
 package sun.rmi.transport;
 
+import java.net.SocketPermission;
 import java.rmi.Remote;
 import java.rmi.RemoteException;
 import java.rmi.dgc.DGC;
@@ -33,8 +34,11 @@
 import java.rmi.server.ObjID;
 import java.rmi.server.RemoteServer;
 import java.rmi.server.ServerNotActiveException;
+import java.security.AccessControlContext;
 import java.security.AccessController;
+import java.security.Permissions;
 import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
 import java.util.ArrayList;
 import java.util.HashSet;
 import java.util.HashMap;
@@ -294,8 +298,19 @@
                             Util.createProxy(DGCImpl.class,
                                              new UnicastRef(ref), true);
                         disp.setSkeleton(dgc);
-                        Target target =
-                            new Target(dgc, disp, stub, dgcID, true);
+
+                        Permissions perms = new Permissions();
+                        perms.add(new SocketPermission("*", "accept,resolve"));
+                        ProtectionDomain[] pd = { new ProtectionDomain(null, perms) };
+                        AccessControlContext acceptAcc = new AccessControlContext(pd);
+
+                        Target target = AccessController.doPrivileged(
+                            new PrivilegedAction<Target>() {
+                                public Target run() {
+                                    return new Target(dgc, disp, stub, dgcID, true);
+                                }
+                            }, acceptAcc);
+
                         ObjectTable.putTarget(target);
                     } catch (RemoteException e) {
                         throw new Error(