JDK-8334493 : Remove SecurityManager Permissions infrastructure from DiagnosticCommands
  • Type: Enhancement
  • Component: core-svc
  • Sub-Component: java.lang.management
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2024-06-18
  • Updated: 2024-12-17
  • Resolved: 2024-11-28
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 24
24 b27Fixed
Related Reports
CSR :  
JDK-8344944 - Remove SecurityManager Permission-related metadata fields in com.sun.management.DiagnosticCommandMBean
Duplicate :  
JDK-8344395 - Remove DCmd::permission()
Relates :  
JDK-8338411 - Implement JEP 486: Permanently Disable the Security Manager
Description
The native HotSpot diagnostic commands (DCmd, accessed via "jcmd") contain a 
JavaPermission (C++) object which describes a Java Permission  (almost always a ManagementPermission).

This is irrelevant after SecurityManager removal, and should be removed.
Comments
Changeset: d33ad07c Branch: master Author: Kevin Walls <kevinw@openjdk.org> Date: 2024-11-28 09:54:25 +0000 URL: https://git.openjdk.org/jdk/commit/d33ad07c32f23aee799750c9964ab26d0cbe56f4
28-11-2024
A pull request was submitted for review. Branch: master URL: https://git.openjdk.org/jdk/pull/22315 Date: 2024-11-22 09:14:30 +0000
22-11-2024
Notes on areas to visit and remove where possible: The class DCmd has the method: static const JavaPermission permission() All DCmd implementations need their permission information removed. class DCmdInfo does not need to contain JavaPermission information (JavaPermission definition to be removed). class DCmdFactory has a permission() accessor method which in DCmdFactoryImpl calls the DCmdClass::permission() src/hotspot/share/services/management.cpp defines jmm_GetDiagnosticCommandInfo This native management function returns an array of DCmdInfo from native to Java, populated from the native information including permissions. DiagnosticCommandMBean provides an interface to HotSpot DCmds, and is aware of the permission class. DiagnosticCommandImpl implements a Wrapper class, which takes a DiagnosticCommandInfo. The execute method performs a SecurityManager permisison check when appropriate.
18-06-2024