Protection Domains with static permissions are improperly constructed
I'm pretty new to the java security model, but this doesn't look right. It seems as though ProtectionDomains with static permissions have symantically different functionality than those that are constructed with the "variant" constructor(CodeSource, PermissionCollection, ClassLoader, Principal[]). The documentation enforces this idea "The only permissions granted to this domain are the ones specified; the current Policy will not be consulted". Why then are the ProtectionDomains reconstructed improperly in combine(ProtectionDomain[], ProtectionDomain[]) method of the javax.security.auth.SubjectDomainCombiner? The wrong constructor is being called.
The reason the SubjectDomainCombiner is reconstructing these improperly is because it ownly uses the second form of the ProtectionDomain constructor. In my case the SubjectDomainCombiner is reconstructing a ProtectionDomain that was constructed with the first form. Basically this means that the staticPermissions variable in my ProtectionDomain changes from true to false. Then when it's time to call the implies(Permission) method it consults the current policy instead of ONLY using static permissions.
This is causing havic with my custom classloader because I don't want the security manager checking the current Policy for permissions. I only want the ProtectionDomain's static permissions. Bug 4687166 also deals with combiners improperly constructing ProtectionDomains, but it is NOT a duplicate.
Now this means I'm going to have to extend the Policy class to get around this problem. Something isn't right, if it's me, please let me know.
