Request for review: 8016046 (process) Strict validation of input should be security manager case only [win]
Alexey Utkin
alexey.utkin at oracle.com
Mon Jun 10 08:15:03 UTC 2013
Here is the changed version:
http://cr.openjdk.java.net/~uta/openjdk-webrevs/JDK-8016046/webrev.01/
On 6/7/2013 8:02 PM, Alan Bateman wrote:
> On 07/06/2013 10:02, Alexey Utkin wrote:
>> Hi,
>> Please review the fix.
>>
>> Bug description:
>> http://bugs.sun.com/view_bug.do?bug_id=8016046
>> https://jbs.oracle.com/bugs/browse/JDK-8016046
>>
>> The suggested fix:
>> http://cr.openjdk.java.net/~uta/openjdk-webrevs/JDK-8016046/webrev.00/
>>
>> Summary:
>> In absence of the Security Manager the verification procedure for
>> the command-line was restored as before the JDK-8012453 fix. That
>> suggests the ability of inline input/output redirection, piping,
>> simultaneous launching of several programs by single command, lost
>> spaces and etc.
>> The extended verification procedure is activated in presence of the
>> Security Manager or installing to "false" the
>> "jdk.lang.Process.allowAmbiguousCommands" Java property.
> Given 15 years of sloppy usage of Runtime.exec on Windows then it was
> always going to be difficult to switch to tighter checking by default.
> So I think the solution is right and keeps existing code working. I
> also agree that it's useful to have a property to opt-in to get
> property checking of the input.
>
> So the changes looks good to me. A minor comment on the test but in
> checkOut then it could use Files.notExists. It would be useful to
> expand the @bug to include the new bug ID too.
Done.
Regards,
-uta
More information about the core-libs-dev
mailing list