[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cp-patches] Patch: remove bogus ServerSocket security check
From: |
Anthony Green |
Subject: |
Re: [cp-patches] Patch: remove bogus ServerSocket security check |
Date: |
Sat, 14 Jan 2006 19:16:46 -0800 |
On Tue, 2005-12-27 at 00:33 -0700, Tom Tromey wrote:
> Anthony> Ok to apply?
>
> Really the FIXME belongs in implAccept, IMO.
> Otherwise ok.
Thanks. I've applied this patch to Classpath, as well as the GCC trunk
and 4.1 branch.
2006-01-14 Anthony Green <address@hidden>
* java/net/ServerSocket.java (accept): Remove bogus
security check.
(implAccept): Add FIXME comment.
--- classpath/java/net/ServerSocket.java~ 2005-11-16 01:03:51.000000000
-0800
+++ classpath/java/net/ServerSocket.java 2006-01-14 16:18:39.000000000
-0800
@@ -314,11 +314,6 @@
*/
public Socket accept() throws IOException
{
- SecurityManager sm = System.getSecurityManager();
- if (sm != null)
- sm.checkAccept(impl.getInetAddress().getHostAddress(),
- impl.getLocalPort());
-
Socket socket = new Socket();
try
@@ -360,6 +355,9 @@
if (isClosed())
throw new SocketException("ServerSocket is closed");
+ // FIXME: Add a security check to make sure we're allowed to
+ // connect to the remote host.
+
// The Sun spec says that if we have an associated channel and
// it is in non-blocking mode, we throw an IllegalBlockingModeException.
// However, in our implementation if the channel itself initiated this