From a5c6f2076ad1c94608d874712beae8c28583f7ab Mon Sep 17 00:00:00 2001
From: coffeys <unknown>
Date: Thu, 6 Jun 2013 14:10:44 +0100
Subject: [PATCH] 8000450: Restrict access to com/sun/corba/se/impl package
 Reviewed-by: alanb, chegar, lancea

---
 src/share/lib/security/java.security-linux          |  2 ++
 src/share/lib/security/java.security-macosx         |  2 ++
 src/share/lib/security/java.security-solaris        |  2 ++
 src/share/lib/security/java.security-windows        |  2 ++
 .../lang/SecurityManager/CheckPackageAccess.java    | 13 +++++++++----
 5 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/src/share/lib/security/java.security-linux b/src/share/lib/security/java.security-linux
index 6a4fe65c0..e15ff6793 100644
--- a/src/share/lib/security/java.security-linux
+++ b/src/share/lib/security/java.security-linux
@@ -177,6 +177,7 @@ keystore.type=jks
 # corresponding RuntimePermission ("accessClassInPackage."+package) has
 # been granted.
 package.access=sun.,\
+               com.sun.corba.se.impl.,\
                com.sun.xml.internal.,\
                com.sun.imageio.,\
                com.sun.istack.internal.,\
@@ -218,6 +219,7 @@ package.access=sun.,\
 # checkPackageDefinition.
 #
 package.definition=sun.,\
+                   com.sun.corba.se.impl.,\
                    com.sun.xml.internal.,\
                    com.sun.imageio.,\
                    com.sun.istack.internal.,\
diff --git a/src/share/lib/security/java.security-macosx b/src/share/lib/security/java.security-macosx
index 9f7905dd3..6fde1bc66 100644
--- a/src/share/lib/security/java.security-macosx
+++ b/src/share/lib/security/java.security-macosx
@@ -178,6 +178,7 @@ keystore.type=jks
 # corresponding RuntimePermission ("accessClassInPackage."+package) has
 # been granted.
 package.access=sun.,\
+               com.sun.corba.se.impl.,\
                com.sun.xml.internal.,\
                com.sun.imageio.,\
                com.sun.istack.internal.,\
@@ -219,6 +220,7 @@ package.access=sun.,\
 # checkPackageDefinition.
 #
 package.definition=sun.,\
+                   com.sun.corba.se.impl.,\
                    com.sun.xml.internal.,\
                    com.sun.imageio.,\
                    com.sun.istack.internal.,\
diff --git a/src/share/lib/security/java.security-solaris b/src/share/lib/security/java.security-solaris
index b54d3bea6..b010487bc 100644
--- a/src/share/lib/security/java.security-solaris
+++ b/src/share/lib/security/java.security-solaris
@@ -179,6 +179,7 @@ keystore.type=jks
 # corresponding RuntimePermission ("accessClassInPackage."+package) has
 # been granted.
 package.access=sun.,\
+               com.sun.corba.se.impl.,\
                com.sun.xml.internal.,\
                com.sun.imageio.,\
                com.sun.istack.internal.,\
@@ -219,6 +220,7 @@ package.access=sun.,\
 # checkPackageDefinition.
 #
 package.definition=sun.,\
+                   com.sun.corba.se.impl.,\
                    com.sun.xml.internal.,\
                    com.sun.imageio.,\
                    com.sun.istack.internal.,\
diff --git a/src/share/lib/security/java.security-windows b/src/share/lib/security/java.security-windows
index 9a455b3be..93acdfd8d 100644
--- a/src/share/lib/security/java.security-windows
+++ b/src/share/lib/security/java.security-windows
@@ -178,6 +178,7 @@ keystore.type=jks
 # corresponding RuntimePermission ("accessClassInPackage."+package) has
 # been granted.
 package.access=sun.,\
+               com.sun.corba.se.impl.,\
                com.sun.xml.internal.,\
                com.sun.imageio.,\
                com.sun.istack.internal.,\
@@ -219,6 +220,7 @@ package.access=sun.,\
 # checkPackageDefinition.
 #
 package.definition=sun.,\
+                   com.sun.corba.se.impl.,\
                    com.sun.xml.internal.,\
                    com.sun.imageio.,\
                    com.sun.istack.internal.,\
diff --git a/test/java/lang/SecurityManager/CheckPackageAccess.java b/test/java/lang/SecurityManager/CheckPackageAccess.java
index 6db95eb32..2cd610191 100644
--- a/test/java/lang/SecurityManager/CheckPackageAccess.java
+++ b/test/java/lang/SecurityManager/CheckPackageAccess.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,8 +23,8 @@
 
 /*
  * @test
- * @bug 7146431
- * @summary Test that internal JAXP packages cannot be accessed
+ * @bug 7146431 8000450
+ * @summary Test that internal packages cannot be accessed
  */
 
 public class CheckPackageAccess {
@@ -32,6 +32,7 @@ public class CheckPackageAccess {
     public static void main(String[] args) throws Exception {
 
         String[] pkgs = new String[] {
+            "com.sun.corba.se.impl.",
             "com.sun.org.apache.xerces.internal.utils.",
             "com.sun.org.apache.xalan.internal.utils." };
         SecurityManager sm = new SecurityManager();
@@ -40,7 +41,11 @@ public class CheckPackageAccess {
             System.out.println("Checking package access for " + pkg);
             try {
                 sm.checkPackageAccess(pkg);
-                throw new Exception("Expected SecurityException not thrown");
+                throw new Exception("Expected PackageAccess SecurityException not thrown");
+            } catch (SecurityException se) { }
+            try {
+                sm.checkPackageDefinition(pkg);
+                throw new Exception("Expected PackageDefinition SecurityException not thrown");
             } catch (SecurityException se) { }
         }
     }
-- 
GitLab