FilePermission Canonical path optimization
Wang Weijun
weijun.wang at oracle.com
Mon Feb 9 06:50:49 UTC 2015
> On Feb 9, 2015, at 14:42, Peter Levart <peter.levart at gmail.com> wrote:
>
> Hi Max,
>
> Of course you are aware that by trusting the symlinks, you potentially give much more permission than you would hope to. Suppose that some code has permission to read and write into a particular directory (for temporary files). With this permission the code can actually read and/or write any file in the filesystem that OS grants access to the java process. Merely by creating a symlink in the read/write-able directory and accessing the file through it. That's why Apache HTTP Server by default disables "FollowSymLinks" option.
Yes, we will be careful.
In Java, a LinkPermission is needed to create a link. Of course, there might be other (existing) symlinks created by other non-Java processes. We will evaluate this possibility.
Thanks
Max
More information about the core-libs-dev
mailing list