[11] RFR: 8208691: Tighten up jdk.includeInExceptions security property
Sean Mullan
sean.mullan at oracle.com
Tue Aug 7 13:09:06 UTC 2018
On 8/7/18 3:09 AM, Alan Bateman wrote:
> On 06/08/2018 20:23, Sean Mullan wrote:
>> After further evaluation of the new jdk.includeInExceptions security
>> property originally introduced in JDK-8204233 [1] and further
>> generalized in JDK-8207846 [2], I felt that a stronger warning should
>> be added to the description of the property alerting the user to the
>> potential risks of setting the property. I also added a test to ensure
>> that the property was not accidentally turned on by default (mainly to
>> catch accidental pushes where the property was left on as part of
>> testing, etc).
>>
>> webrev: http://cr.openjdk.java.net/~mullan/webrevs/8208691/webrev.00/
> I think it would simpler and read a bit better to just say "Use caution
> before ...", meaning drop "NOTE" and "extra". The rest of the text is
> okay. The additional test looks okay too.
I'll remove "extra" but I'd prefer to keep "NOTE" to draw attention to it.
--Sean
More information about the core-libs-dev
mailing list