Code Review Request: running signed modules with SecurityManager

mark.reinhold at oracle.com mark.reinhold at oracle.com
Wed Jun 2 21:49:51 PDT 2010


> Date: Fri, 28 May 2010 11:13:27 -0400
> From: sean.mullan at oracle.com

> On 5/27/10 8:13 PM, Rémi Forax wrote:
>>>> In SimpleLibrary.readLocalCodeSigners,
>>>> if the file is removed between f.exists() and
>>>> new FileInputstream, instead of returning null, you throw an
>>>> IOException,
>>> 
>>> Hmm, but there is no way for that to happen unless the library data is
>>> being modified maliciously or accidentally.
>> 
>> My question was more, is it the intended behavior ?
> 
> Ok. TBD. I think this needs to be addressed as a more general issue of the
> Library implementation and what assumptions can or cannot be made about the
> data (integrity, concurrent access, etc). I'll add a comment for now that this
> needs to be looked at.

Right now the SimpleLibrary implementation is, well, very simple.
It doesn't do any locking, nor does it guarantee to clean up properly
when something goes wrong.  We'll fix it eventually, but let's get
all this other stuff working first.

- Mark



More information about the jigsaw-dev mailing list