OpenJDK / jdk8u / jdk8u / jdk

--- a/src/share/classes/java/net/URLClassLoader.java	Thu Aug 11 14:16:21 2016 +0100
+++ b/src/share/classes/java/net/URLClassLoader.java	Tue Aug 16 16:09:00 2016 +0100
@@ -103,8 +103,8 @@
         if (security != null) {
             security.checkCreateClassLoader();
         }
-        ucp = new URLClassPath(urls);
         this.acc = AccessController.getContext();
+        ucp = new URLClassPath(urls, acc);
     }

     URLClassLoader(URL[] urls, ClassLoader parent,
@@ -115,8 +115,8 @@
         if (security != null) {
             security.checkCreateClassLoader();
         }
-        ucp = new URLClassPath(urls);
         this.acc = acc;
+        ucp = new URLClassPath(urls, acc);
     }

     /**
@@ -147,8 +147,8 @@
         if (security != null) {
             security.checkCreateClassLoader();
         }
-        ucp = new URLClassPath(urls);
         this.acc = AccessController.getContext();
+        ucp = new URLClassPath(urls, acc);
     }

     URLClassLoader(URL[] urls, AccessControlContext acc) {
@@ -158,8 +158,8 @@
         if (security != null) {
             security.checkCreateClassLoader();
         }
-        ucp = new URLClassPath(urls);
         this.acc = acc;
+        ucp = new URLClassPath(urls, acc);
     }

     /**
@@ -191,8 +191,8 @@
         if (security != null) {
             security.checkCreateClassLoader();
         }
-        ucp = new URLClassPath(urls, factory);
         acc = AccessController.getContext();
+        ucp = new URLClassPath(urls, factory, acc);
     }

     /* A map (used as a set) to keep track of closeable local resources
--- a/src/share/classes/sun/misc/JarIndex.java	Thu Aug 11 14:16:21 2016 +0100
+++ b/src/share/classes/sun/misc/JarIndex.java	Tue Aug 16 16:09:00 2016 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,9 +26,11 @@
 package sun.misc;

 import java.io.*;
+import java.security.AccessController;
 import java.util.*;
 import java.util.jar.*;
 import java.util.zip.*;
+import sun.security.action.GetPropertyAction;

 /**
  * This class is used to maintain mappings from packages, classes
@@ -72,7 +74,8 @@
      * be added to the index. Otherwise, just the directory names are added.
      */
     private static final boolean metaInfFilenames =
-        "true".equals(System.getProperty("sun.misc.JarIndex.metaInfFilenames"));
+        "true".equals(AccessController.doPrivileged(
+             new GetPropertyAction("sun.misc.JarIndex.metaInfFilenames")));

     /**
      * Constructs a new, empty jar index.
--- a/src/share/classes/sun/misc/Launcher.java	Thu Aug 11 14:16:21 2016 +0100
+++ b/src/share/classes/sun/misc/Launcher.java	Tue Aug 16 16:09:00 2016 +0100
@@ -408,7 +408,7 @@
             } else {
                 urls = new URL[0];
             }
-            bcp = new URLClassPath(urls, factory);
+            bcp = new URLClassPath(urls, factory, null);
             bcp.initLookupCache(null);
         }
     }
--- a/src/share/classes/sun/misc/URLClassPath.java	Thu Aug 11 14:16:21 2016 +0100
+++ b/src/share/classes/sun/misc/URLClassPath.java	Tue Aug 16 16:09:00 2016 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -44,6 +44,7 @@
 import java.net.URLStreamHandler;
 import java.net.URLStreamHandlerFactory;
 import java.io.*;
+import java.security.AccessControlContext;
 import java.security.AccessController;
 import java.security.AccessControlException;
 import java.security.CodeSigner;
@@ -67,6 +68,7 @@
     private static final boolean DEBUG;
     private static final boolean DEBUG_LOOKUP_CACHE;
     private static final boolean DISABLE_JAR_CHECKING;
+    private static final boolean DISABLE_ACC_CHECKING;

     static {
         JAVA_VERSION = java.security.AccessController.doPrivileged(
@@ -78,6 +80,10 @@
         String p = java.security.AccessController.doPrivileged(
             new GetPropertyAction("sun.misc.URLClassPath.disableJarChecking"));
         DISABLE_JAR_CHECKING = p != null ? p.equals("true") || p.equals("") : false;
+
+        p = AccessController.doPrivileged(
+            new GetPropertyAction("jdk.net.URLClassPath.disableRestrictedPermissions"));
+        DISABLE_ACC_CHECKING = p != null ? p.equals("true") || p.equals("") : false;
     }

     /* The original search path of URLs. */
@@ -98,6 +104,11 @@
     /* Whether this URLClassLoader has been closed yet */
     private boolean closed = false;

+    /* The context to be used when loading classes and resources.  If non-null
+     * this is the context that was captured during the creation of the
+     * URLClassLoader. null implies no additional security restrictions. */
+    private final AccessControlContext acc;
+
     /**
      * Creates a new URLClassPath for the given URLs. The URLs will be
      * searched in the order specified for classes and resources. A URL
@@ -107,8 +118,12 @@
      * @param urls the directory and JAR file URLs to search for classes
      *        and resources
      * @param factory the URLStreamHandlerFactory to use when creating new URLs
+     * @param acc the context to be used when loading classes and resources, may
+     *            be null
      */
-    public URLClassPath(URL[] urls, URLStreamHandlerFactory factory) {
+    public URLClassPath(URL[] urls,
+                        URLStreamHandlerFactory factory,
+                        AccessControlContext acc) {
         for (int i = 0; i < urls.length; i++) {
             path.add(urls[i]);
         }
@@ -116,10 +131,22 @@
         if (factory != null) {
             jarHandler = factory.createURLStreamHandler("jar");
         }
+        if (DISABLE_ACC_CHECKING)
+            this.acc = null;
+        else
+            this.acc = acc;
     }

+    /**
+     * Constructs a URLClassPath with no additional security restrictions.
+     * Used by code that implements the class path.
+     */
     public URLClassPath(URL[] urls) {
-        this(urls, null);
+        this(urls, null, null);
+    }
+
+    public URLClassPath(URL[] urls, AccessControlContext acc) {
+        this(urls, null, acc);
     }

     public synchronized List<IOException> closeLoaders() {
@@ -499,6 +526,14 @@
             } catch (IOException e) {
                 // Silently ignore for now...
                 continue;
+            } catch (SecurityException se) {
+                // Always silently ignore. The context, if there is one, that
+                // this URLClassPath was given during construction will never
+                // have permission to access the URL.
+                if (DEBUG) {
+                    System.err.println("Failed to access " + url + ", " + se );
+                }
+                continue;
             }
             // Finally, add the Loader to the search path.
             validateLookupCache(loaders.size(), urlNoFragString);
@@ -527,10 +562,10 @@
                             return new Loader(url);
                         }
                     } else {
-                        return new JarLoader(url, jarHandler, lmap);
+                        return new JarLoader(url, jarHandler, lmap, acc);
                     }
                 }
-            });
+            }, acc);
         } catch (java.security.PrivilegedActionException pae) {
             throw (IOException)pae.getException();
         }
@@ -755,11 +790,12 @@
      */
     static class JarLoader extends Loader {
         private JarFile jar;
-        private URL csu;
+        private final URL csu;
         private JarIndex index;
         private MetaIndex metaIndex;
         private URLStreamHandler handler;
-        private HashMap<String, Loader> lmap;
+        private final HashMap<String, Loader> lmap;
+        private final AccessControlContext acc;
         private boolean closed = false;
         private static final sun.misc.JavaUtilZipFileAccess zipAccess =
                 sun.misc.SharedSecrets.getJavaUtilZipFileAccess();
@@ -769,13 +805,15 @@
          * a JAR file.
          */
         JarLoader(URL url, URLStreamHandler jarHandler,
-                  HashMap<String, Loader> loaderMap)
+                  HashMap<String, Loader> loaderMap,
+                  AccessControlContext acc)
             throws IOException
         {
             super(new URL("jar", "", -1, url + "!/", jarHandler));
             csu = url;
             handler = jarHandler;
             lmap = loaderMap;
+            this.acc = acc;

             if (!isOptimizable(url)) {
                 ensureOpen();
@@ -859,8 +897,7 @@
                                 }
                                 return null;
                             }
-                        }
-                    );
+                        }, acc);
                 } catch (java.security.PrivilegedActionException pae) {
                     throw (IOException)pae.getException();
                 }
@@ -1054,9 +1091,9 @@
                                 new PrivilegedExceptionAction<JarLoader>() {
                                     public JarLoader run() throws IOException {
                                         return new JarLoader(url, handler,
-                                            lmap);
+                                            lmap, acc);
                                     }
-                                });
+                                }, acc);

                             /* this newly opened jar file has its own index,
                              * merge it into the parent's index, taking into