RFR: JDK-8047769 SecureRandom should be more frugal with file descriptors

Peter Levart peter.levart at gmail.com
Mon Dec 29 09:45:14 UTC 2014


On 12/29/2014 10:08 AM, Alan Bateman wrote:
> On 24/12/2014 11:37, Peter Levart wrote:
>> Hi Brad,
>>
>> Thanks for looking into this. Here's updated webrev:
>>
>> http://cr.openjdk.java.net/~plevart/jdk9-dev/FileInputStreamPool.8047769/webrev.02/ 
>>
>>
> This mostly looks good to me too, except the permission checking. As I 
> read it, getInputStream uses getCanonicalFile and thus the permission 
> check will be happen early and so it makes me wonder if checkRead is 
> needed. Additionally, both of the uses are in privileged blocks so it 
> looks like checkRead will always be called with a stack that has 
> AllPermission anyway.
>
> -Alan.

Thanks for looking at this, Alan.

You're right about File.getCanonicalFile(). It already checks read 
permission for a file. The additional explicit check is superfluous. I 
have removed it.

With explicit check I wanted the API to behave uniformly regardless of 
whether the returned stream is opened by getInputStream() call or an 
already opened stream is just returned. getCannonicalFile() already 
takes care of it. Here's the updated webrev:

http://cr.openjdk.java.net/~plevart/jdk9-dev/FileInputStreamPool.8047769/webrev.03/


Regards, Peter



More information about the security-dev mailing list