Redundant check in java.security.BasicPermission.implies()
Tom Hawtin
tom.hawtin at oracle.com
Mon Dec 2 01:08:53 UTC 2013
On 29/11/2013 20:29, Alex Yursha wrote:
> The javadocs for the class java.security.BasicPermission says, that the
> naming convention for BasicPermission names follows the hierarchical
> property naming convention with possible wildcards. AFAIU, *hierarchical
> property naming convention* assumes that you specify either a simple
> identifier like /user/, or a sequence of dot-separated identifiers like
> /user.group.id <http://user.group.id> - /so what is the purpose for
> names like /user. /with a dot at the end? It seems like it contradicts
> the documentation and has no purpose.
As code, including configuration, outside the JDK may be relying upon
the behaviour of BasicPermission, this would seem unlikely to change.
The documentation may get clarified.
I cannot see find any definition of "the hierarchical property naming
convention". BasicPermission accepts any non-null non-empty name,
including those with a trailing dot. If I had to invent a meaning of the
trailing dot, I'd say it was superfluous, which matches the code.
As usual with ad hoc text formats the have parsing spread around the
code and no clear specification, they're a bit of a mess.
Tom
More information about the security-dev
mailing list