diff a/src/java.base/share/classes/java/net/NetPermission.java b/src/java.base/share/classes/java/net/NetPermission.java --- a/src/java.base/share/classes/java/net/NetPermission.java +++ b/src/java.base/share/classes/java/net/NetPermission.java @@ -64,10 +64,20 @@ * information in the HTTP headers (such as cookies) that it might not * otherwise have access to. * * * + * accessUnixDomainSocket + * The ability to accept, bind, connect or get the local address + * of a Unix Domain socket. + * + * Malicious code could connect to local processes using Unix domain sockets + * or impersonate local processes, by binding to the same pathnames (assuming they + * have the required Operating System permissions. + * + * + * * getCookieHandler * The ability to get the cookie handler that processes highly * security sensitive cookie information for an Http session. * Malicious code can get a cookie handler to obtain access to * highly security sensitive cookie information. Some web servers