ObjectInputStream.java (enableResolveObject): Use correct security check.

	* java/io/ObjectInputStream.java (enableResolveObject): Use
	correct security check.
	* java/io/ObjectOutputStream.java (enableReplaceObject): Use
	correct security check.

From-SVN: r48256

libjava/ChangeLog

 2001-12-21  Tom Tromey  <tromey@redhat.com>
 
+	* java/io/ObjectInputStream.java (enableResolveObject): Use
+	correct security check.
+	* java/io/ObjectOutputStream.java (enableReplaceObject): Use
+	correct security check.
+
 	Fix for PR java/5165:
 	* java/lang/natClassLoader.cc (_Jv_PrepareCompiledClass):
 	Convert any constant string field to a String; not just final

libjava/java/io/ObjectInputStream.java

@@ -528,8 +528,11 @@ public class ObjectInputStream extends InputStream
     throws SecurityException
   {
     if (enable)
-      if (getClass ().getClassLoader () != null)
-	throw new SecurityException ("Untrusted ObjectInputStream subclass attempted to enable object resolution");
+      {
+	SecurityManager sm = System.getSecurityManager ();
+	if (sm != null)
+	  sm.checkPermission (new SerializablePermission ("enableSubtitution"));
+      }
 
     boolean old_val = this.resolveEnabled;
     this.resolveEnabled = enable;

libjava/java/io/ObjectOutputStream.java

 /* ObjectOutputStream.java -- Class used to write serialized objects
-   Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+   Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -550,8 +550,11 @@ public class ObjectOutputStream extends OutputStream
     throws SecurityException
   {
     if (enable)
-      if (getClass ().getClassLoader () != null)
-	throw new SecurityException ("Untrusted ObjectOutputStream subclass attempted to enable object replacement");
+      {
+	SecurityManager sm = System.getSecurityManager ();
+	if (sm != null)
+	  sm.checkPermission (new SerializablePermission ("enableSubstitution"));
+      }
 
     boolean old_val = replacementEnabled;
     replacementEnabled = enable;