8343958: Remove security manager impl in java.lang.Process and java.l…

…ang.Runtime.exec

Reviewed-by: jpai, mullan, alanb

src/java.base/share/classes/java/lang/ProcessBuilder.java

@@ -339,11 +339,6 @@ public List<String> command() {
      * @see    System#getenv()
      */
     public Map<String,String> environment() {
-        @SuppressWarnings("removal")
-        SecurityManager security = System.getSecurityManager();
-        if (security != null)
-            security.checkPermission(new RuntimePermission("getenv.*"));
-
         if (environment == null)
             environment = ProcessEnvironment.environment();
 
@@ -1069,11 +1064,6 @@ private Process start(Redirect[] redirects) throws IOException {
         // Throws IndexOutOfBoundsException if command is empty
         String prog = cmdarray[0];
 
-        @SuppressWarnings("removal")
-        SecurityManager security = System.getSecurityManager();
-        if (security != null)
-            security.checkExec(prog);
-
         String dir = directory == null ? null : directory.toString();
 
         for (String s : cmdarray) {
@@ -1112,24 +1102,13 @@ private Process start(Redirect[] redirects) throws IOException {
             }
             return process;
         } catch (IOException | IllegalArgumentException e) {
-            String exceptionInfo = ": " + e.getMessage();
-            Throwable cause = e;
-            if ((e instanceof IOException) && security != null) {
-                // Can not disclose the fail reason for read-protected files.
-                try {
-                    security.checkRead(prog);
-                } catch (SecurityException se) {
-                    exceptionInfo = "";
-                    cause = se;
-                }
-            }
             // It's much easier for us to create a high-quality error
             // message than the low-level C code which found the problem.
             throw new IOException(
                 "Cannot run program \"" + prog + "\""
                 + (dir == null ? "" : " (in directory \"" + dir + "\")")
-                + exceptionInfo,
-                cause);
+                + ": " + e.getMessage(),
+                e);
         }
     }
 

src/java.base/share/classes/java/lang/ProcessHandleImpl.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014, 2022, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2014, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -84,28 +84,28 @@ final class ProcessHandleImpl implements ProcessHandle {
     /**
      * The thread pool of "process reaper" daemon threads.
      */
-    @SuppressWarnings("removal")
-    private static final Executor processReaperExecutor =
-            AccessController.doPrivileged((PrivilegedAction<Executor>) () -> {
-                // Initialize ThreadLocalRandom now to avoid using the smaller stack
-                // of the processReaper threads.
-                ThreadLocalRandom.current();
-
-                // For a debug build, the stack shadow zone is larger;
-                // Increase the total stack size to avoid potential stack overflow.
-                int debugDelta = "release".equals(System.getProperty("jdk.debug")) ? 0 : (4*4096);
-                final long stackSize = Boolean.getBoolean("jdk.lang.processReaperUseDefaultStackSize")
-                        ? 0 : REAPER_DEFAULT_STACKSIZE + debugDelta;
-
-                ThreadFactory threadFactory = grimReaper -> {
-                    Thread t = InnocuousThread.newSystemThread("process reaper", grimReaper,
-                            stackSize, Thread.MAX_PRIORITY);
-                    privilegedThreadSetDaemon(t, true);
-                    return t;
-                };
-
-                return Executors.newCachedThreadPool(threadFactory);
-            });
+    private static final Executor processReaperExecutor = initReaper();
+
+    private static Executor initReaper() {
+        // Initialize ThreadLocalRandom now to avoid using the smaller stack
+        // of the processReaper threads.
+        ThreadLocalRandom.current();
+
+        // For a debug build, the stack shadow zone is larger;
+        // Increase the total stack size to avoid potential stack overflow.
+        int debugDelta = "release".equals(System.getProperty("jdk.debug")) ? 0 : (4 * 4096);
+        final long stackSize = Boolean.getBoolean("jdk.lang.processReaperUseDefaultStackSize")
+                ? 0 : REAPER_DEFAULT_STACKSIZE + debugDelta;
+
+        ThreadFactory threadFactory = grimReaper -> {
+            Thread t = InnocuousThread.newSystemThread("process reaper", grimReaper,
+                    stackSize, Thread.MAX_PRIORITY);
+            t.setDaemon(true);
+            return t;
+        };
+
+        return Executors.newCachedThreadPool(threadFactory);
+    }
 
     private static class ExitCompletion extends CompletableFuture<Integer> {
         final boolean isReaping;
@@ -115,22 +115,6 @@ private static class ExitCompletion extends CompletableFuture<Integer> {
         }
     }
 
-    @SuppressWarnings("removal")
-    private static void privilegedThreadSetName(Thread thread, String name) {
-        AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
-            thread.setName(name);
-            return null;
-        });
-    }
-
-    @SuppressWarnings("removal")
-    private static void privilegedThreadSetDaemon(Thread thread, boolean on) {
-        AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
-            thread.setDaemon(on);
-            return null;
-        });
-    }
-
     /**
      * Returns a CompletableFuture that completes with process exit status when
      * the process completes.
@@ -158,7 +142,7 @@ static CompletableFuture<Integer> completion(long pid, boolean shouldReap) {
                     public void run() {
                         Thread t = Thread.currentThread();
                         String threadName = t.getName();
-                        privilegedThreadSetName(t, "process reaper (pid " + pid + ")");
+                        t.setName("process reaper (pid " + pid + ")");
                         try {
                             int exitValue = waitForProcessExit0(pid, shouldReap);
                             if (exitValue == NOT_A_CHILD) {
@@ -189,7 +173,7 @@ public void run() {
                             completions.remove(pid, newCompletion);
                         } finally {
                             // Restore thread name
-                            privilegedThreadSetName(t, threadName);
+                            t.setName(threadName);
                         }
                     }
                 });
@@ -255,14 +239,8 @@ private ProcessHandleImpl(long pid, long startTime) {
      * @param  pid the native process identifier
      * @return The ProcessHandle for the pid if the process is alive;
      *         or {@code null} if the process ID does not exist in the native system.
-     * @throws SecurityException if RuntimePermission("manageProcess") is not granted
      */
     static Optional<ProcessHandle> get(long pid) {
-        @SuppressWarnings("removal")
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkPermission(new RuntimePermission("manageProcess"));
-        }
         long start = isAlive0(pid);
         return (start >= 0)
                 ? Optional.of(new ProcessHandleImpl(pid, start))
@@ -296,14 +274,8 @@ public long pid() {
      * Returns the ProcessHandle for the current native process.
      *
      * @return The ProcessHandle for the OS process.
-     * @throws SecurityException if RuntimePermission("manageProcess") is not granted
      */
     public static ProcessHandleImpl current() {
-        @SuppressWarnings("removal")
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkPermission(new RuntimePermission("manageProcess"));
-        }
         return current;
     }
 
@@ -319,15 +291,8 @@ public static ProcessHandleImpl current() {
      *
      * @return a ProcessHandle of the parent process; {@code null} is returned
      *         if the child process does not have a parent
-     * @throws SecurityException           if permission is not granted by the
-     *                                     security policy
      */
     public Optional<ProcessHandle> parent() {
-        @SuppressWarnings("removal")
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkPermission(new RuntimePermission("manageProcess"));
-        }
         long ppid = parent0(pid, startTime);
         if (ppid <= 0) {
             return Optional.empty();
@@ -442,11 +407,6 @@ public Stream<ProcessHandle> children() {
      * @return a stream of ProcessHandles
      */
     static Stream<ProcessHandle> children(long pid) {
-        @SuppressWarnings("removal")
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkPermission(new RuntimePermission("manageProcess"));
-        }
         int size = 100;
         long[] childpids = null;
         long[] starttimes = null;
@@ -463,11 +423,6 @@ static Stream<ProcessHandle> children(long pid) {
 
     @Override
     public Stream<ProcessHandle> descendants() {
-        @SuppressWarnings("removal")
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkPermission(new RuntimePermission("manageProcess"));
-        }
         int size = 100;
         long[] pids = null;
         long[] ppids = null;

src/java.base/unix/classes/java/lang/ProcessImpl.java

@@ -42,14 +42,10 @@
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.locks.Condition;
 import java.util.concurrent.locks.ReentrantLock;
-import java.security.AccessController;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
 import jdk.internal.access.JavaIOFileDescriptorAccess;
 import jdk.internal.access.SharedSecrets;
 import jdk.internal.util.OperatingSystem;
 import jdk.internal.util.StaticProperty;
-import sun.security.action.GetPropertyAction;
 
 /**
  * java.lang.Process subclass in the UNIX environment.
@@ -95,7 +91,7 @@ private static enum LaunchMechanism {
      * @throws Error if the requested launch mechanism is not found or valid
      */
     private static LaunchMechanism launchMechanism() {
-        String s = GetPropertyAction.privilegedGetProperty("jdk.lang.Process.launchMechanism");
+        String s = System.getProperty("jdk.lang.Process.launchMechanism");
         if (s == null) {
             return LaunchMechanism.POSIX_SPAWN;
         }
@@ -282,7 +278,6 @@ private native int forkAndExec(int mode, byte[] helperpath,
                                    boolean redirectErrorStream)
         throws IOException;
 
-    @SuppressWarnings("removal")
     private ProcessImpl(final byte[] prog,
                 final byte[] argBlock, final int argc,
                 final byte[] envBlock, final int envc,
@@ -302,14 +297,7 @@ private ProcessImpl(final byte[] prog,
                           redirectErrorStream);
         processHandle = ProcessHandleImpl.getInternal(pid);
 
-        try {
-            AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
-                initStreams(fds, forceNullOutputStream);
-                return null;
-            });
-        } catch (PrivilegedActionException ex) {
-            throw (IOException) ex.getCause();
-        }
+        initStreams(fds, forceNullOutputStream);
     }
 
     static FileDescriptor newFileDescriptor(int fd) {
@@ -507,11 +495,6 @@ public CompletableFuture<Process> onExit() {
 
     @Override
     public ProcessHandle toHandle() {
-        @SuppressWarnings("removal")
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkPermission(new RuntimePermission("manageProcess"));
-        }
         return processHandle;
     }