Review Request for 9000142: PlatformPCSC.java loading unversioned native shared library

Andrew Hughes gnu.andrew at redhat.com
Fri Mar 21 17:28:25 UTC 2014



----- Original Message -----
> On 02/04/2014 04:48 PM, Andrew Hughes wrote:
> 
> > As has already been mentioned on this thread, libraries should have their
> > version increased when the ABI changes. Thus, a libpcsclite.so.2 or later
> > would indicate a different ABI to what the JDK PCSC code was written for.
> >
> > Now, it may be that the code also works fine with .2, but from my
> > perspective,
> > I'd rather the JDK fail with an error message and someone manually points
> > it
> > at a working .2 (and hopefully gives feedback that it's all good), than
> > the JDK grabs any old version of the library and then crashes when the ABI
> > doesn't match. That not only looks worse, but it's potentially harder to
> > debug as well.
> 
> I still think it's better to remove the dlopen/dlsym machinery and use
> dynamic linking instead.
> 

I've provided that as an option in IcedTea, but it then means that a different PCSC
implementation can't be swapped in.

> --
> Florian Weimer / Red Hat Product Security Team
> 

-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07



More information about the security-dev mailing list