Fwd: RFR 7191662: JCE providers should be located via ServiceLoader
Valerie Peng
valerie.peng at oracle.com
Wed May 27 22:35:46 UTC 2015
Sean,
FYI, I have asked the build team to review the makefile changes.
BTW, I changed java.security.Provider file to use @implSpec as Joe has
suggested. In addition, I changed the getArgument() impl in
OracleUcrypto provider + SunPKCS11 provider to only return the value if
the caller has read permission to the file. I feel this is probably
safer as we don't want to reveal the path (potential info leak) to
untrusted callers. If the callers don't have the right permission, then
"" is returned. If you prefer SecurityException be thrown, please let me
know. I will need to update the CCC and the webrev.
Thanks,
Valerie
-------- Original Message --------
Subject: RFR 7191662: JCE providers should be located via ServiceLoader
Date: Wed, 27 May 2015 15:29:27 -0700
From: Valerie Peng <valerie.peng at oracle.com>
Organization: Oracle Corporation
To: build-dev at openjdk.java.net, Mandy Chung <mandy.chung at oracle.com>
Hi, build experts,
Can you please review the make file related change, i.e. the new file ||
*make/gensrc/Gensrc-java.naming.gmk*, in the following webrev:
http://cr.openjdk.java.net/~valeriep/7191662/webrev.01/
This is for merging the java.security.Provider file from various
providers and use the (merged) result for the final image build.
The rest of source code changes are reviewed by my team already.
Thanks,
Valerie
(Java Security Team)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20150527/c49ed361/attachment.htm>
More information about the security-dev
mailing list