[9] request for review: 8049171: Additional tests for jarsigner's warnings

Weijun Wang weijun.wang at oracle.com
Mon Jan 26 02:03:33 UTC 2015



On 1/23/2015 16:12, Artem Smotrakov wrote:
> If the MANIFEST and the signature files must be at the beginning, should
> it be considered as a bug in jarsigner? Should it reject such files?

I think so. Will file a bug.

>>
>> The "jar u" way is to copy each old entry into destination unless the
>> entry name is in the updated list where the new file will be read.
>> Finally the untouched files in the updated list are appended.
> Since tests were not originally for checking some unusual ways for
> updating jars, I think they need to be updated to use the "jar u" way
> for adding unsigned entry.

Good.

Thanks
Max

>
> Artem
>>
>
>
>


More information about the security-dev mailing list