Improve integration with Java's security manager
Description
Currently we wrap all reflection calls in PrivilegedAction. This way Validators need the following grants in the policy file:
However, this also means that a user might now use ReflectionHelper to execute reflection calls which otherwise would be no allowed. To prevent this we need a Validator specific permission type. Something like this:
Environment
None
Status
Assignee
Gunnar Morling
Reporter
Hardy Ferentschik
Labels
None
Feedback Requested
None
Feedback Requested By
None
backPortable
None
Suitable for new contributors
None
Pull Request
None
backportDecision
None
backportReEvaluate
None
Components
Fix versions
Affects versions
Priority
MajorConfigure