8028270: Files.readSymbolicLink calls AccessController directly so security manager can't grant the permission
Martin Buchholz
martinrb at google.com
Wed Nov 13 08:20:40 PST 2013
OK, looks good to me.
On Wed, Nov 13, 2013 at 8:16 AM, Alan Bateman <Alan.Bateman at oracle.com>wrote:
> On 13/11/2013 16:01, Martin Buchholz wrote:
>
>> If you compare with the analogous code in createSymbolicLink, one would
>> expect in addition a call to link.checkRead, since this is "reading the
>> contents of a file". Users expect their security manager's checkRead
>> method to be called here.
>>
> It is specified to check the readlink action rather than read because read
> also grants permission to the final target of the link (there is
> awkwardness here due to problems with the way that FilePermission was
> original designed, it just doesn't mesh well with symbolic links).
>
> -Alan.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/nio-dev/attachments/20131113/b3b12a50/attachment.html
More information about the nio-dev
mailing list