RFR [11] 8207846: Generalize the jdk.net.includeInExceptions security property
Chris Hegarty
chris.hegarty at oracle.com
Mon Jul 23 16:10:33 UTC 2018
Thanks for the review Sean,
> On 23 Jul 2018, at 16:58, Sean Mullan <sean.mullan at oracle.com> wrote:
> ...
>> http://cr.openjdk.java.net/~chegar/8207846/webrev.00/
>
> A few nits and wording suggestions in the java.security file:
>
> "By default, several exception messages do not include potentially sensitive information such as file names, host names, or port numbers."
>
> I think the following sounds a bit better:
>
> "By default, exception messages should not include potentially sensitive
> information such as file names, host names, or port numbers."
>
> Also, the 2nd and 3rd sentences basically say the same thing. I would remove the 2nd sentence.
>
> "The categories, to enable enhanced exception message information, are:"
>
> I would remove ", to enable enhanced exception message information," since it seems redundant (and I believe is grammatically incorrect).
>
> hostInfo - IOExceptions thrown by java.net.Socket and also the ...
>
> Remove "also" (not really necessary).
Agreed. Here’s where this ended up.
#
# Enhanced exception message information
#
# By default, exception messages should not include potentially sensitive
# information such as file names, host names, or port numbers. This property
# accepts one or more comma separated values, each of which represents a
# category of enhanced exception message information to enable. Values are
# case-insensitive. Leading and trailing whitespaces, surrounding each value,
# are ignored. Unknown values are ignored.
#
# The categories are:
#
# hostInfo - IOExceptions thrown by java.net.Socket and the socket types in the
# java.nio.channels package will contain enhanced exception
# message information
#
# The property setting in this file can be overridden by a system property of
# the same name, with the same syntax and possible values.
#
#jdk.includeInExceptions=hostInfo
-Chris
More information about the security-dev
mailing list