RFR(XXS): 8066766: The commands in the modular images are executable by the owner only

Volker Simonis volker.simonis at gmail.com
Fri Dec 5 18:14:26 UTC 2014 

On Fri, Dec 5, 2014 at 7:09 PM, Chris Hegarty <chris.hegarty at oracle.com> wrote:
> Volker,
>
> Personally I would use the more verbose version, Files.setPosixFilePermissions, so we can see any failures. But as Alan pointed out, this is a temporary build tool, and I live with it either way.   Is there any reason why you cannot use the NIO API ?

No, for me it's no problem. I was just wondering if
Files.setPosixFilePermissions() would work on Windows. Because now it
is only used for the 'jspawnhelper' which is not built on Windows. If
Files.setPosixFilePermissions() doesn't throw an exception on Windows
I'll be happy to use that version for the binaries as well.

>
> -Chris.
>
> On 5 Dec 2014, at 16:50, Volker Simonis <volker.simonis at gmail.com> wrote:
>
>> Hi Chris,
>>
>> thanks for the fast response.
>>
>> I saw that code in ImageBuilder, but it looked overly complicated to
>> me. What about cleaning that up as well:
>>
>> http://cr.openjdk.java.net/~simonis/webrevs/8066766.v2/
>>
>> I've just checked that on Solaris 'jspawnhelper' still has the right
>> execution bits set after the change.
>>
>> Regards,
>> Volker
>>
>> On Fri, Dec 5, 2014 at 3:18 PM, Chris Hegarty <chris.hegarty at oracle.com> wrote:
>>> Thanks Volker,
>>>
>>> I agree with your change, or you can take the code from ImageBuilder. Either
>>> is fine with me.
>>>
>>>    private void setExecutable(Path file) {
>>>        try {
>>>            Set<PosixFilePermission> perms =
>>> Files.getPosixFilePermissions(file);
>>>            perms.add(PosixFilePermission.OWNER_EXECUTE);
>>>            perms.add(PosixFilePermission.GROUP_EXECUTE);
>>>            perms.add(PosixFilePermission.OTHERS_EXECUTE);
>>>            Files.setPosixFilePermissions(file, perms);
>>>        } catch (IOException ioe) {
>>>            throw new UncheckedIOException(ioe);
>>>        }
>>>    }
>>>
>>> -Chris.
>>>
>>>
>>> On 05/12/14 14:07, Volker Simonis wrote:
>>>>
>>>> Hi,
>>>>
>>>> after the integration of the modular changes into jdk9-dev the
>>>> executable commands in jdk/bin and jre/bin images are only executable
>>>> by the file owner. This means that only the user who built the images
>>>> can execute the programs.
>>>>
>>>> This can be easily fixed with the following trivial change:
>>>>
>>>> http://cr.openjdk.java.net/~simonis/webrevs/8066766/
>>>> https://bugs.openjdk.java.net/browse/JDK-8066766
>>>>
>>>> Thanks,
>>>> Volker
>>>>
>>>
>

More information about the build-dev mailing list