1 files changed, 22 insertions, 8 deletions

diff --git a/src/jdk/nashorn/internal/runtime/Context.java b/src/jdk/nashorn/internal/runtime/Context.java
index 1c4a08c8..448df143 100644
--- a/src/jdk/nashorn/internal/runtime/Context.java
+++ b/src/jdk/nashorn/internal/runtime/Context.java
@@ -27,9 +27,9 @@ package jdk.nashorn.internal.runtime;
 
 import static jdk.nashorn.internal.codegen.CompilerConstants.RUN_SCRIPT;
 import static jdk.nashorn.internal.codegen.CompilerConstants.STRICT_MODE;
+import static jdk.nashorn.internal.lookup.Lookup.MH;
 import static jdk.nashorn.internal.runtime.ECMAErrors.typeError;
 import static jdk.nashorn.internal.runtime.ScriptRuntime.UNDEFINED;
-import static jdk.nashorn.internal.lookup.Lookup.MH;
 
 import java.io.File;
 import java.io.IOException;
@@ -39,10 +39,13 @@ import java.lang.invoke.MethodHandles;
 import java.lang.reflect.Constructor;
 import java.net.MalformedURLException;
 import java.net.URL;
+import java.security.AccessControlContext;
 import java.security.AccessController;
 import java.security.CodeSigner;
 import java.security.CodeSource;
+import java.security.Permissions;
 import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
 import jdk.internal.org.objectweb.asm.ClassReader;
 import jdk.internal.org.objectweb.asm.util.CheckClassAdapter;
 import jdk.nashorn.internal.codegen.Compiler;
@@ -77,7 +80,7 @@ public final class Context {
 
         /**
          * Return the context for this installer
-         * @return context
+         * @return ScriptEnvironment
          */
         @Override
         public ScriptEnvironment getOwner() {
@@ -123,7 +126,7 @@ public final class Context {
             if (callerLoader != myLoader &&
                 !(callerLoader instanceof StructureLoader) &&
                 !(JavaAdapterFactory.isAdapterClass(caller))) {
-                sm.checkPermission(new RuntimePermission("getNashornGlobal"));
+                sm.checkPermission(new RuntimePermission("nashorn.getGlobal"));
             }
         }
 
@@ -137,7 +140,7 @@ public final class Context {
     public static void setGlobal(final ScriptObject global) {
         final SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
-            sm.checkPermission(new RuntimePermission("setNashornGlobal"));
+            sm.checkPermission(new RuntimePermission("nashorn.setGlobal"));
         }
 
         if (global != null && !(global instanceof GlobalObject)) {
@@ -154,7 +157,7 @@ public final class Context {
     public static Context getContext() {
         final SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
-            sm.checkPermission(new RuntimePermission("getNashornContext"));
+            sm.checkPermission(new RuntimePermission("nashorn.getContext"));
         }
         return getContextTrusted();
     }
@@ -267,7 +270,7 @@ public final class Context {
     public Context(final Options options, final ErrorManager errors, final PrintWriter out, final PrintWriter err, final ClassLoader appLoader) {
         final SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
-            sm.checkPermission(new RuntimePermission("createNashornContext"));
+            sm.checkPermission(new RuntimePermission("nashorn.createContext"));
         }
 
         this.env       = new ScriptEnvironment(options, out, err);
@@ -533,7 +536,13 @@ public final class Context {
         if (index != -1) {
             final SecurityManager sm = System.getSecurityManager();
             if (sm != null) {
-                sm.checkPackageAccess(fullName.substring(0, index));
+                AccessController.doPrivileged(new PrivilegedAction<Void>() {
+                    @Override
+                    public Void run() {
+                        sm.checkPackageAccess(fullName.substring(0, index));
+                        return null;
+                    }
+                }, createNoPermissionsContext());
             }
         }
 
@@ -599,7 +608,7 @@ public final class Context {
     public ScriptObject newGlobal() {
         final SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
-            sm.checkPermission(new RuntimePermission("createNashornGlobal"));
+            sm.checkPermission(new RuntimePermission("nashorn.newGlobal"));
         }
 
         return newGlobalTrusted();
@@ -676,6 +685,10 @@ public final class Context {
         return (context != null) ? context : Context.getContextTrusted();
     }
 
+    private static AccessControlContext createNoPermissionsContext() {
+        return new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, new Permissions()) });
+    }
+
     private Object evaluateSource(final Source source, final ScriptObject scope, final ScriptObject thiz) {
         ScriptFunction script = null;
 
@@ -731,6 +744,7 @@ public final class Context {
             global = (GlobalObject)Context.getGlobalTrusted();
             script = global.findCachedClass(source);
             if (script != null) {
+                Compiler.LOG.fine("Code cache hit for " + source + " avoiding recompile.");
                 return script;
             }
         }