RFR: 8218021: jarsigner strips the execute permission when signing a .zip file
Alan Bateman
Alan.Bateman at oracle.com
Tue Jan 21 13:49:06 UTC 2020
On 17/01/2020 10:59, Seán Coffey wrote:
> Hi,
>
> Looking to introduce some JDK private functionality which will help
> preserve internal zip file attribute permissions when jarsigner is run
> on a zip file. Some of the logic is taken from the recent work carried
> out in this area for zipfs API.
>
> https://bugs.openjdk.java.net/browse/JDK-8218021
> http://cr.openjdk.java.net/~coffeys/webrev.8218021/webrev/

The jarsigner tool is for signing JAR files so it does look strange that
it only preserves the permissions when signing a zip file. So I think I
agree with the other comments that that part of the proposal should be
examined again. If you don't special case then the concerns about the
toLowerCase() usage go away too.

The bigger issue with the proposal is that the signing doesn't cover the
information in the extended extra blocks so they can be tampered with.
I think we need to hear from security-dev on this point. One option
might be to emit a warning when there are permissions. Another is a
jarsigner option to opt-in to preserve the permissions.
-Alan
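
The point raised in the message above, that permission metadata sits outside what the signature digests, can be shown with a small check. This is an added example, not code from the webrev or the JDK; it assumes the permissions are POSIX mode bits in the upper 16 bits of each entry's external attributes, and the archive, entry name and function names are constructed for illustration.

```python
import hashlib
import io
import stat
import zipfile

def build_zip(mode):
    """Return the bytes of a constructed one-entry archive with POSIX mode `mode`."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        info = zipfile.ZipInfo("bin/run.sh", date_time=(2020, 1, 21, 13, 49, 6))
        info.create_system = 3  # 3 = Unix: upper 16 bits of external_attr hold st_mode
        info.external_attr = (stat.S_IFREG | mode) << 16
        zf.writestr(info, b"#!/bin/sh\necho hello\n")
    return buf.getvalue()

def content_digests(data):
    """SHA-256 over each entry's bytes only, which is what a manifest entry digest covers."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return {i.filename: hashlib.sha256(zf.read(i)).hexdigest() for i in zf.infolist()}

def permission_report(data):
    """Map entry name -> permission bits for Unix-created entries that carry any."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for i in zf.infolist():
            perms = stat.S_IMODE(i.external_attr >> 16)
            if i.create_system == 3 and perms:
                report[i.filename] = perms
    return report

def unsigned_permission_changes(before, after):
    """Entries whose content digest is identical but whose permission bits differ."""
    d1, d2 = content_digests(before), content_digests(after)
    p1, p2 = permission_report(before), permission_report(after)
    return sorted(n for n in d1 if d1[n] == d2.get(n) and p1.get(n) != p2.get(n))

if __name__ == "__main__":
    original, altered = build_zip(0o644), build_zip(0o755)
    # The kind of warning suggested in the message: flag entries that carry permissions.
    for name, perms in permission_report(altered).items():
        print(f"warning: {name} carries permissions {oct(perms)} not covered by entry digests")
    # Same content digests, different mode bits.
    print(unsigned_permission_changes(original, altered))
```
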