[icedtea-web][rfc] Update on Danesh's major rework of JarCertVerifier
Omair Majid
omajid at redhat.com
Wed Oct 10 09:26:47 PDT 2012
On 09/25/2012 10:59 AM, Adam Domurad wrote:
> + * @param bad
> + * 3 booleans to show if the KeyUsage, ExtendedKeyUsage, NetscapeCertType has codeSigning flag turned on. If null, the class field badKeyUsage, badExtendedKeyUsage, badNetscapeCertType will be set.
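Review bot: the @param bad description does not state the order of the three booleans or what a true value means. The name "bad" suggests a problem, while the text says the values "show if ... has codeSigning flag turned on". Spell out the order (KeyUsage, ExtendedKeyUsage, NetscapeCertType) and the polarity, and consider whether the null case, which sets the class fields instead, would be clearer as a separate overload.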
Please consider line-wrapping this.
> + public Map<String, Integer> getJarSignableEntries() {
> + return jarSignableEntries;
> + }
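Review bot: the getter returns the jarSignableEntries field itself, so any caller holding the verifier can add, remove or change entries in its internal state. Return Collections.unmodifiableMap(jarSignableEntries) or a copy, and document in the Javadoc that the result is read-only.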
If untrusted code were able to invoke this method, would that compromise
the security of the system? Should we be returning a mutable data
structure here?
> +public class VerifyJarEntryCertsTest {
Could you rename this class to ${CLASS_IT_TESTS}Test? That would be
JarCertVerifierTest. Otherwise it will be harder to find this the next
time someone is updating JarCertVerifier.
> + // This calls ReadPropertiesSigned with user.home, it is not easy to think of a pattern to match this
> + // Instead we make sure _something_ was printed
> + Assert.assertFalse("stdout should NOT be empty, but was", pr.stdout.isEmpty());
> + Assert.assertFalse("stderr should NOT contains `" + accExcString + "`, but did", pr.stderr.contains(accExcString));
> + }
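Review bot: the first assertion only requires stdout to be non-empty, so it passes on any unrelated output and does not show that the property was actually read. Asserting on a property whose value the test can compute itself would make the check meaningful. The second assertion message also reads "should NOT contains"; "should NOT contain" is meant.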
Maybe you can use some other system property that's more predictable
(like, say "java.vm.specification.name") ?
Rest looks okay to me.
Cheers,
Omair
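
The mutable-return question raised above about getJarSignableEntries(), as an added example that is not part of the original message or of IcedTea-Web: it contrasts a getter that hands out the live map with one that returns a read-only view. The Tracker class, its sample entries and the allEntriesSigned() decision logic are assumptions made for illustration.

```java
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;

public class SignableEntriesDemo {
    // Hypothetical stand-in for a verifier that tracks, per JAR entry,
    // how many signers covered it (constructed data, not IcedTea-Web code).
    static class Tracker {
        private final Map<String, Integer> jarSignableEntries = new HashMap<>();

        Tracker() {
            jarSignableEntries.put("com/example/Main.class", 1);
            jarSignableEntries.put("com/example/Helper.class", 0); // unsigned
        }

        // Same shape as the getter in the patch: hands out the live map.
        Map<String, Integer> getJarSignableEntries() {
            return jarSignableEntries;
        }

        // Read-only view: callers can look, but put/remove/clear throw.
        Map<String, Integer> getJarSignableEntriesView() {
            return Collections.unmodifiableMap(jarSignableEntries);
        }

        // Assumed decision logic: every tracked entry needs >= 1 signer.
        boolean allEntriesSigned() {
            for (int count : jarSignableEntries.values()) {
                if (count < 1) return false;
            }
            return true;
        }
    }

    public static void main(String[] args) {
        Tracker t = new Tracker();
        System.out.println("before: " + t.allEntriesSigned());
        try {
            t.getJarSignableEntriesView().remove("com/example/Helper.class");
        } catch (UnsupportedOperationException e) {
            System.out.println("view rejected the write");
        }
        System.out.println("after view: " + t.allEntriesSigned());
        // The live map lets any caller rewrite the verifier's state.
        t.getJarSignableEntries().remove("com/example/Helper.class");
        System.out.println("after live map: " + t.allEntriesSigned());
    }
}
```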