DateTimeZone should load it's provider in an AccessController.doPrivileged block #327
Labels
Comments
|
Happy to accept a PR as you are in a better position to test this than me. |
jodastephen
added a commit
that referenced
this issue
Jan 28, 2016
Guardiola31337
pushed a commit
to Guardiola31337/joda-time
that referenced
this issue
Feb 8, 2016
|
@jodastephen I'm with @s1monw at Elasticsearch. I opened #375 to address this issue so we can close out some user-reported bugs in Elasticsearch since we run under the security manager by default on our current stable releases (and will be non-optional in the next major release). Can we work together to get this integrated and have a version 2.9.4 released? 😄 |
|
The spec for the getResourceAsStream() does not indicate security manager issues, but the JDK typically wraps the code like this, so it seems reasonable. |
|
Thanks @jodastephen! Do you have a timeframe in mind for a patch release that contains #375 (and the additional code you added)? |
|
Done |
|
Thanks @jodastephen! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In elasticsearch we run into a testing issue where due to security manager restrictions the default providers could not be loaded. elastic/elasticsearch#14524 The problem here is really that we can't grant the jar it's needed permissions since it doesn't use a
AccessController.doPrivileged blockto load the privider inhttps://github.com/JodaOrg/joda-time/blob/master/src/main/java/org/joda/time/DateTimeZone.java#L483 I am not sure if there are other places where stuff like this is loaded but there might be
The text was updated successfully, but these errors were encountered: