Code Review request for 7050329
Sean Mullan
sean.mullan at oracle.com
Thu Jun 2 14:03:00 UTC 2011
On 6/2/11 9:36 AM, Alan Bateman wrote:
> Sean Mullan wrote:
>> Hi Alan,
>>
>> Would you be able to review my fix for 7050329? In the fix, I removed the
>> dependency on the java.ext.dirs system property and the default java.policy
>> file, which may contain implementation-specific content and thus could vary on
>> JREs from other vendors.
>>
>> http://cr.openjdk.java.net/~mullan/webrevs/7050329/webrev.01/
>>
>> (Note that the bug hasn't appeared on bugs.sun.com yet)
>>
>> Thanks,
>> Sean
> Looks okay to me. I assume a simpler fix would be to just change the split to
> use the path separator rather than ":".
Yes, but I wanted to completely avoid any dependency and potential additional
parsing issues on java.ext.dirs, which can be extended to contain additional
directories, etc.
Similarly, I could not find a standard that *explicitly* states the default
java.policy file must grant AllPermission to standard extensions. It is sort of
implied by [1], but still not explicit in my opinion.
Although I think it would be very rare to fail because of those cases, I still
think this fix is better because it eliminates any doubt about that.
--Sean
[1]
http://download.java.net/jdk7/docs/technotes/guides/extensions/spec.html#security
More information about the security-dev
mailing list