...
| Code Block | ||||
|---|---|---|---|---|
| ||||
AccessController.doPrivileged( new PrivilegedAction<Void>() { public Void run() { // ... } }, accessControlContext); |
When passed a null access control context, the two-argument doPrivileged() method fails to reduce the current privileges to those of the previously saved context. Consequently, this code can grant excess privileges when the accessControlContext argument is null. Programmers Programmer who intend to call call AccessController.doPrivileged() with a null access control context should explicitly pass the null constant or use the one-argument version of AccessController.doPrivileged().
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
if (accessControlContext == null) {
throw new SecurityException("Missing AccessControlContext");
}
AccessController.doPrivileged(
new PrivilegedAction<Void>() {
public Void run() {
// ...
}
}, accessControlContext); |
...