RFR 8164705: Remove pathname canonicalization from FilePermission

Weijun Wang weijun.wang at oracle.com
Tue Sep 13 03:34:38 UTC 2016


Have you finished the deeper pass? :-)

Thanks
Max

On 9/2/2016 8:18, Brian Burkhalter wrote:
> At the API level and conceptually this all appears reasonable. I am
> going to need to take a deeper pass over it all however to comprehend
> the implementation at any kind of detailed level. The changes mentioned
> in response to Alan’s comments all appear good.
>
> Thanks,
>
> Brian
>
> On Sep 1, 2016, at 7:25 AM, Weijun Wang <weijun.wang at oracle.com
> <mailto:weijun.wang at oracle.com>> wrote:
>
>> Webrev updated at
>>
>>   http://cr.openjdk.java.net/~weijun/8164705/webrev.01
>>
>> Most suggestions from Alan accepted, including:
>>
>> 1. Using SharedSecrets.getJavaIOFilePermissionAccess() style instead
>> of public functions.
>>
>> 2. jdk.io.permissionsUseCanonicalPath=<boolean>.
>>
>> 3. samepath.sh rewritten in ReadFileOnPath.java.
>>
>> Still using "ugly" method names. Thinking they are clear enough.
>



More information about the security-dev mailing list