From ec9b7d57ac7490520769912f6c3f75f1b6e383cb Mon Sep 17 00:00:00 2001 From: Frederic Parain Date: Wed, 1 Feb 2012 03:52:37 -0800 Subject: [PATCH] 7120974: ManagementPermission "control" needs clarification Reviewed-by: mchung, dholmes --- .../lang/management/ManagementPermission.java | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/jdk/src/share/classes/java/lang/management/ManagementPermission.java b/jdk/src/share/classes/java/lang/management/ManagementPermission.java index bf27f1dd1ae..6df6f1e3d42 100644 --- a/jdk/src/share/classes/java/lang/management/ManagementPermission.java +++ b/jdk/src/share/classes/java/lang/management/ManagementPermission.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -46,12 +46,17 @@ at the permission allows, and associated risks"> * * control * Ability to control the runtime characteristics of the Java virtual - * machine, for example, setting the -verbose:gc and -verbose:class flag, - * setting the threshold of a memory pool, and enabling and disabling - * the thread contention monitoring support. + * machine, for example, enabling and disabling the verbose output for + * the class loading or memory system, setting the threshold of a memory + * pool, and enabling and disabling the thread contention monitoring + * support. Some actions controlled by this permission can disclose + * information about the running application, like the -verbose:class + * flag. * * This allows an attacker to control the runtime characteristics - * of the Java virtual machine and cause the system to misbehave. + * of the Java virtual machine and cause the system to misbehave. An + * attacker can also access some information related to the running + * application. * * *