7180225: SecurityExceptions not defined in some class loader methods
Reviewed-by: mchung, mullan
--- a/jdk/src/java.base/share/classes/java/lang/Class.java Tue Aug 23 10:38:01 2016 -0700
+++ b/jdk/src/java.base/share/classes/java/lang/Class.java Tue Aug 23 10:49:15 2016 -0700
@@ -331,12 +331,6 @@
* Note that this method does not check whether the requested class
* is accessible to its caller.
*
- * <p> If the {@code loader} is {@code null}, and a security
- * manager is present, and the caller's class loader is not null, then this
- * method calls the security manager's {@code checkPermission} method
- * with a {@code RuntimePermission("getClassLoader")} permission to
- * ensure it's ok to access the bootstrap class loader.
- *
* @param name fully qualified name of the desired class
* @param initialize if {@code true} the class will be initialized.
* See Section 12.4 of <em>The Java Language Specification</em>.
@@ -348,6 +342,11 @@
* by this method fails
* @exception ClassNotFoundException if the class cannot be located by
* the specified class loader
+ * @exception SecurityException
+ * if a security manager is present, and the {@code loader} is
+ * {@code null}, and the caller's class loader is not
+ * {@code null}, and the caller does not have the
+ * {@link RuntimePermission}{@code ("getClassLoader")}
*
* @see java.lang.Class#forName(String)
* @see java.lang.ClassLoader
@@ -782,22 +781,17 @@
* null in such implementations if this class was loaded by the bootstrap
* class loader.
*
- * <p> If a security manager is present, and the caller's class loader is
- * not null and the caller's class loader is not the same as or an ancestor of
- * the class loader for the class whose class loader is requested, then
- * this method calls the security manager's {@code checkPermission}
- * method with a {@code RuntimePermission("getClassLoader")}
- * permission to ensure it's ok to access the class loader for the class.
- *
* <p>If this object
* represents a primitive type or void, null is returned.
*
* @return the class loader that loaded the class or interface
* represented by this object.
- * @throws SecurityException
- * if a security manager exists and its
- * {@code checkPermission} method denies
- * access to the class loader for the class.
+ * @throws SecurityException
+ * if a security manager is present, and the caller's class loader
+ * is not {@code null} and is not the same as or an ancestor of the
+ * class loader for the class whose class loader is requested,
+ * and the caller does not have the
+ * {@link RuntimePermission}{@code ("getClassLoader")}
* @see java.lang.ClassLoader
* @see SecurityManager#checkPermission
* @see java.lang.RuntimePermission
--- a/jdk/src/java.base/share/classes/java/lang/ClassLoader.java Tue Aug 23 10:38:01 2016 -0700
+++ b/jdk/src/java.base/share/classes/java/lang/ClassLoader.java Tue Aug 23 10:49:15 2016 -0700
@@ -1537,22 +1537,13 @@
* will return <tt>null</tt> in such implementations if this class loader's
* parent is the bootstrap class loader.
*
- * <p> If a security manager is present, and the invoker's class loader is
- * not <tt>null</tt> and is not an ancestor of this class loader, then this
- * method invokes the security manager's {@link
- * SecurityManager#checkPermission(java.security.Permission)
- * <tt>checkPermission</tt>} method with a {@link
- * RuntimePermission#RuntimePermission(String)
- * <tt>RuntimePermission("getClassLoader")</tt>} permission to verify
- * access to the parent class loader is permitted. If not, a
- * <tt>SecurityException</tt> will be thrown. </p>
- *
* @return The parent <tt>ClassLoader</tt>
*
* @throws SecurityException
- * If a security manager exists and its <tt>checkPermission</tt>
- * method doesn't allow access to this class loader's parent class
- * loader.
+ * If a security manager is present, and the caller's class loader
+ * is not {@code null} and is not an ancestor of this class loader,
+ * and the caller does not have the
+ * {@link RuntimePermission}{@code ("getClassLoader")}
*
* @since 1.2
*/
@@ -1590,12 +1581,11 @@
* @return The platform {@code ClassLoader}.
*
* @throws SecurityException
- * If a security manager exists and the caller's class loader is
- * not {@code null} and the caller's class loader is not the same
+ * If a security manager is present, and the caller's class loader is
+ * not {@code null}, and the caller's class loader is not the same
* as or an ancestor of the platform class loader,
- * and the {@link SecurityManager#checkPermission(java.security.Permission)
- * checkPermission} method denies {@code RuntimePermission("getClassLoader")}
- * to access the platform class loader.
+ * and the caller does not have the
+ * {@link RuntimePermission}{@code ("getClassLoader")}
*
* @since 9
*/
@@ -1636,17 +1626,6 @@
* If circular initialization of the system class loader is detected then
* an unspecified error or exception is thrown.
*
- * <p> If a security manager is present, and the invoker's class loader is
- * not <tt>null</tt> and the invoker's class loader is not the same as or
- * an ancestor of the system class loader, then this method invokes the
- * security manager's {@link
- * SecurityManager#checkPermission(java.security.Permission)
- * <tt>checkPermission</tt>} method with a {@link
- * RuntimePermission#RuntimePermission(String)
- * <tt>RuntimePermission("getClassLoader")</tt>} permission to verify
- * access to the system class loader. If not, a
- * <tt>SecurityException</tt> will be thrown. </p>
- *
* @implNote The system property to override the system class loader is not
* examined until the VM is almost fully initialized. Code that executes
* this method during startup should take care not to cache the return
@@ -1656,8 +1635,10 @@
* <tt>null</tt> if none
*
* @throws SecurityException
- * If a security manager exists and its <tt>checkPermission</tt>
- * method doesn't allow access to the system class loader.
+ * If a security manager is present, and the caller's class loader
+ * is not {@code null} and is not the same as or an ancestor of the
+ * system class loader, and the caller does not have the
+ * {@link RuntimePermission}{@code ("getClassLoader")}
*
* @throws IllegalStateException
* If invoked recursively during the construction of the class
--- a/jdk/src/java.base/share/classes/java/lang/Thread.java Tue Aug 23 10:38:01 2016 -0700
+++ b/jdk/src/java.base/share/classes/java/lang/Thread.java Tue Aug 23 10:49:15 2016 -0700
@@ -1507,28 +1507,25 @@
}
/**
- * Returns the context ClassLoader for this Thread. The context
- * ClassLoader is provided by the creator of the thread for use
+ * Returns the context {@code ClassLoader} for this thread. The context
+ * {@code ClassLoader} is provided by the creator of the thread for use
* by code running in this thread when loading classes and resources.
* If not {@linkplain #setContextClassLoader set}, the default is the
- * ClassLoader context of the parent Thread. The context ClassLoader of the
+ * {@code ClassLoader} context of the parent thread. The context
+ * {@code ClassLoader} of the
* primordial thread is typically set to the class loader used to load the
* application.
*
- * <p>If a security manager is present, and the invoker's class loader is not
- * {@code null} and is not the same as or an ancestor of the context class
- * loader, then this method invokes the security manager's {@link
- * SecurityManager#checkPermission(java.security.Permission) checkPermission}
- * method with a {@link RuntimePermission RuntimePermission}{@code
- * ("getClassLoader")} permission to verify that retrieval of the context
- * class loader is permitted.
*
- * @return the context ClassLoader for this Thread, or {@code null}
+ * @return the context {@code ClassLoader} for this thread, or {@code null}
* indicating the system class loader (or, failing that, the
* bootstrap class loader)
*
* @throws SecurityException
- * if the current thread cannot get the context ClassLoader
+ * if a security manager is present, and the caller's class loader
+ * is not {@code null} and is not the same as or an ancestor of the
+ * context class loader, and the caller does not have the
+ * {@link RuntimePermission}{@code ("getClassLoader")}
*
* @since 1.2
*/