Bug ID: JDK-8049247 Redundant permission checks when creating ClassLoaders

JDK-8049247 : Redundant permission checks when creating ClassLoaders

Type: Enhancement
Component: security-libs
Sub-Component: java.security

Priority: P4
Status: Closed
Resolution: Duplicate

Submitted: 2014-07-03
Updated: 2017-05-17
Resolved: 2017-04-10

Versions (Unresolved/Resolved/Fixed)

The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.

Other
tbd_majorResolved

Related Reports

Duplicate :

JDK-6899533 - SecureClassLoader and URLClassLoader have unnecessary check for createClassLoader permission

Description

The subclasses of ClassLoader (SecureClassLoader, URLClassLoader) perform a redundant "createClassLoader" permission check:

    protected SecureClassLoader() {
        super();
        // this is to make the stack depth consistent with 1.1
        SecurityManager security = System.getSecurityManager();
        if (security != null) {
            security.checkCreateClassLoader();
        }
        initialized = true;
    }

ClassLoader() already performs the check, so SecureClassLoader does 1 xtra check, and URLClassLoader does 2.