Request for review: 8016046 (process) Strict validation of input should be security manager case only [win]
Alan Bateman
Alan.Bateman at oracle.com
Fri Jun 7 16:02:07 UTC 2013
On 07/06/2013 10:02, Alexey Utkin wrote:
> Hi,
> Please review the fix.
>
> Bug description:
> http://bugs.sun.com/view_bug.do?bug_id=8016046
> https://jbs.oracle.com/bugs/browse/JDK-8016046
>
> The suggested fix:
> http://cr.openjdk.java.net/~uta/openjdk-webrevs/JDK-8016046/webrev.00/
>
> Summary:
> In absence of the Security Manager the verification procedure for
> the command-line was restored as before the JDK-8012453 fix. That
> suggests the ability of inline input/output redirection, piping,
> simultaneous launching of several programs by single command, lost
> spaces and etc.
> The extended verification procedure is activated in presence of the
> Security Manager or installing to "false" the
> "jdk.lang.Process.allowAmbiguousCommands" Java property.
Given 15 years of sloppy usage of Runtime.exec on Windows then it was
always going to be difficult to switch to tighter checking by default.
So I think the solution is right and keeps existing code working. I also
agree that it's useful to have a property to opt-in to get property
checking of the input.
So the changes looks good to me. A minor comment on the test but in
checkOut then it could use Files.notExists. It would be useful to expand
the @bug to include the new bug ID too.
-Alan.
More information about the core-libs-dev
mailing list