Request for review: 7190897 (fs) Files.isWritable method returns false when the path is writable (win).
Alexey Utkin
alexey.utkin at oracle.com
Thu Feb 28 11:54:28 UTC 2013
Hi,
Please review the fix.
Bug description:
http://bugs.sun.com/view_bug.do?bug_id=7190897
https://jbs.oracle.com/bugs/browse/JDK-7190897
The suggested fix:
http://cr.openjdk.java.net/~uta/openjdk-webrevs/JDK-7190897/webrev.00/
Summary:
The isolated method for the file security descriptor testing against the
process owner is not a realistic approach for run-time permission checking
by two reasons:
1. the user can hold additional privileges due to access to active logon
session
2. the test thread can be impersonated by token that is different from
process token
The problem is covered by test NB project attached to the bug. Please,
read the bug comments for details.
New approach based on WIN32 function AccessCheck that makes run-time
permission checking against the thread token. The function security
setting was adjusted for the file system objects.
The bug JDK-8008810 [(fs) Handle leak in the
[WindowsSecurity.enablePrivilege] method.]
https://jbs.oracle.com/bugs/browse/JDK-8008810
was resoled as part of suggested modification.
Regards,
-uta
More information about the core-libs-dev
mailing list