RFR: 8155039: Simplify code to setup SSLContextImpl and TrustManagerFactoryImpl
Claes Redestad
claes.redestad at oracle.com
Tue Jun 21 19:32:17 UTC 2016
After some internal discussions:
http://cr.openjdk.java.net/~redestad/8155039/webrev.03/
Drops the PropertiesWrapper and Properties-retrieving approach in favor of a getter to retrieve multiple properties into a Map<String, String>.
/Claes
On 2016-06-10 20:13, Mandy Chung wrote:
>> On Jun 10, 2016, at 4:33 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
>>
>> On 06/09/2016 10:32 PM, Mandy Chung wrote:
>>> Hi Claes,
>>>
>>> I don’t like the PropertiesWrapper idea. The caller should be
>>> cautious in storing any sensitive information. For the system
>>> properties, these callsites use it in the local scope that I don’t
>>> see any reason and benefit to introduce a wrapper. I didn’t follow
>>> this discussion closely and I may miss some reason ?
>> The original code used multiple calls to System.getProperty wrapped in a doPrivileged. Claes' first iteration of the fix changed this to use a GetPropertyAction.privilegedGetProperties method that returned a Properties object. I expressed a concern that this was now exposing an object that, if accidentally leaked to untrusted code could cause much more damage than the original code (since the code would be able to set/get/remove *any* system property). Hence the current fix which uses a wrapper class which is not exported.
>
> I actually see the original code is clearer to the reader and involves one single doPrivileged. I would avoid introducing PropertiesWrapper which I don’t think it’s the right way to protect security information. Sean may suggest to revert to the original code which I won’t object.
>
> Mandy
More information about the security-dev
mailing list