8344949: javax.security.auth.Subject.SecureSet.writeObject does not do a security check anymore

Reviewed-by: alanb
2024-11-26 14:21:01 +00:00 · 2024-11-26 14:21:01 +00:00 · 86d527f987
commit 86d527f987
parent f0b72f728d
1 changed files with 0 additions and 6 deletions
--- a/src/java.base/share/classes/javax/security/auth/Subject.java
+++ b/src/java.base/share/classes/javax/security/auth/Subject.java
@ -1418,12 +1418,6 @@ public final class Subject implements java.io.Serializable {
        /**
         * Writes this object out to a stream (i.e., serializes it).
         *
-         * @serialData If this is a private credential set,
-         *      a security check is performed to ensure that
-         *      the caller has permission to access each credential
-         *      in the set.  If the security check passes,
-         *      the set is serialized.
-         *
         * @param  oos the {@code ObjectOutputStream} to which data is written
         * @throws IOException if an I/O error occurs
         */