Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8189116: Give the jdk.internal.vm.compiler.management only the permissions it really needs to expose the bean
authorjtulach
Fri, 10 Nov 2017 10:30:42 +0100
changeset 48130 998c88ae423a
parent 48129 c134a8bee21a
child 48131 235a18d659fc
8189116: Give the jdk.internal.vm.compiler.management only the permissions it really needs to expose the bean Reviewed-by: mchung, kvn
src/java.base/share/lib/security/default.policy file | annotate | diff | comparison | revisions 
--- a/src/java.base/share/lib/security/default.policy	Mon Nov 27 17:26:47 2017 +0000
+++ b/src/java.base/share/lib/security/default.policy	Fri Nov 10 10:30:42 2017 +0100
@@ -155,7 +155,10 @@
 };
 
 grant codeBase "jrt:/jdk.internal.vm.compiler.management" {
-    permission java.security.AllPermission;
+    permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.hotspot";
+    permission java.lang.RuntimePermission "accessClassInPackage.jdk.vm.ci.runtime";
+    permission java.lang.RuntimePermission "accessClassInPackage.sun.management.spi";
+    permission java.lang.RuntimePermission "sun.management.spi.PlatformMBeanProvider.subclass";
 };
 
 grant codeBase "jrt:/jdk.jsobject" {
jdk-sandbox