RFR 8170900: Issue with FilePermission::implies for wildcard flag(-)
Xuelei Fan
xuelei.fan at oracle.com
Thu Dec 22 00:12:53 UTC 2016
I think the note is an example, may not need an additional CCC.
For easier reading, I may use a contrast example. For example, "Note
that this means "/-" implies "/foo" but not "foo".".
Use the one you like, I'm OK with the either.
Xuelei
On 12/21/2016 3:58 PM, Wang Weijun wrote:
>
>> On Dec 22, 2016, at 4:39 AM, Xuelei Fan <xuelei.fan at oracle.com> wrote:
>>
>> I'm trying to understand this update. Does "/-" imply "/foo"?
>
> Yes.
>
>>
>> Does the following spec can be used to explain the new added note?
>>
>> * <li>if the wildcard flag is "-", the simple pathname's path
>> * must be recursively inside the wildcard pathname's path.
>
> Yes.
>
> But the precise meaning of "recursively inside" is different between the pre-jdk9 and jdk9 behaviors. The @implNote explains more.
>
> --Max
>
>>
>> Xuelei
>>
>> On 12/19/2016 11:25 PM, Wang Weijun wrote:
>>> Ping again.
>>>
>>>> On Dec 14, 2016, at 1:53 PM, Wang Weijun <weijun.wang at oracle.com> wrote:
>>>>
>>>> An clarification is added to FilePermission::implies:
>>>>
>>>> * @implNote
>>>> ....
>>>> * a simple {@code npath} is recursively inside a wildcard {@code npath}
>>>> * if and only if {@code simple_npath.relativize(wildcard_npath)}
>>>> - * is a series of one or more "..". An invalid {@code FilePermission} does
>>>> + * is a series of one or more "..". Note that this means "/-" does not
>>>> + * imply "foo". An invalid {@code FilePermission} does
>>>> * not imply any object except for itself.
>>>>
>>>> The newly added sentence is
>>>>
>>>> Note that this means "/-" does not imply "foo".
>>>>
>>>> JCK has agreed to update their test.
>>>>
>>>> Since this is just a clarification inside an @implNote and no spec is updated, I suppose no CCC is needed. Please confirm.
>>>>
>>>> Thanks
>>>> Max
>>>>
>>>
>
More information about the security-dev
mailing list