Code Review request for 7050329

Sean Mullan sean.mullan at oracle.com
Thu Jun 2 07:03:00 PDT 2011


On 6/2/11 9:36 AM, Alan Bateman wrote:
> Sean Mullan wrote:
>> Hi Alan,
>>
>> Would you be able to review my fix for 7050329? In the fix, I removed the
>> dependency on the java.ext.dirs system property and the default java.policy
>> file, which may contain implementation-specific content and thus could vary on
>> JREs from other vendors.
>>
>> http://cr.openjdk.java.net/~mullan/webrevs/7050329/webrev.01/
>>
>> (Note that the bug hasn't appeared on bugs.sun.com yet)
>>
>> Thanks,
>> Sean
> Looks okay to me. I assume a simpler fix would be to just change the split to
> use the path separator rather than ":".

Yes, but I wanted to completely avoid any dependency and potential additional 
parsing issues on java.ext.dirs, which can be extended to contain additional 
directories, etc.

Similarly, I could not find a standard that *explicitly* states the default 
java.policy file must grant AllPermission to standard extensions. It is sort of 
implied by [1], but still not explicit in my opinion.

Although I think it would be very rare to fail because of those cases, I still 
think this fix is better because it eliminates any doubt about that.

--Sean

[1] 
http://download.java.net/jdk7/docs/technotes/guides/extensions/spec.html#security



More information about the security-dev mailing list