RFR 8213031: (zipfs) Add support for POSIX file permissions (was: Enhance jdk.nio.zipfs to support Posix File Permissions)
Langer, Christoph
christoph.langer at sap.com
Mon Oct 29 14:55:20 UTC 2018
Hi Alan, security guys,
I've proposed a CSR for this change now: https://bugs.openjdk.java.net/browse/JDK-8213082.
I also updated the webrev, simplifying jdk.nio.zipfs.ZipUtils.permsFromFlags and eliminating the WeakHashMap: http://cr.openjdk.java.net/~clanger/webrevs/8213031.2/
Since I've decoupled the changes to java.util.zip and jartool from those in jdk.zipfs, we're discussing only jdk.zipfs here.
The implication of my change is that when working with files backed by the nio FileSystemProvider (java.nio.file.spi.FileSystemProvider) named "jar", which is the alias for zipfs, the files will support attributes of type java.nio.file.attribute.PosixFilePermissions ("posix:permissions").
It basically means that some methods of java.nio.file.Files that would return null or UnsupportedOperationException before would find an implementation now.
Examples:
https://download.java.net/java/early_access/jdk11/docs/api/java.base/java/nio/file/Files.html#getPosixFilePermissions(java.nio.file.Path,java.nio.file.LinkOption...)
https://download.java.net/java/early_access/jdk11/docs/api/java.base/java/nio/file/Files.html#setPosixFilePermissions(java.nio.file.Path,java.util.Set)
https://download.java.net/java/early_access/jdk11/docs/api/java.base/java/nio/file/Files.html#readAttributes(java.nio.file.Path,java.lang.Class,java.nio.file.LinkOption...)
* With class https://download.java.net/java/early_access/jdk11/docs/api/java.base/java/nio/file/attribute/PosixFileAttributes.html
https://download.java.net/java/early_access/jdk11/docs/api/java.base/java/nio/file/Files.html#getFileAttributeView(java.nio.file.Path,java.lang.Class,java.nio.file.LinkOption...)
* With class https://download.java.net/java/early_access/jdk11/docs/api/java.base/java/nio/file/attribute/PosixFileAttributeView.html
Thanks in advance for reviewing.
Best regards
Christoph
From: Alan Bateman <Alan.Bateman at oracle.com>
Sent: Montag, 29. Oktober 2018 13:06
To: Langer, Christoph <christoph.langer at sap.com>; core-libs-dev <core-libs-dev at openjdk.java.net>; security-dev at openjdk.java.net; Xueming Shen <xueming.shen at oracle.com>
Cc: Volker Simonis <volker.simonis at gmail.com>; Andrew Luo <andrewluotechnologies at outlook.com>; nio-dev <nio-dev at openjdk.java.net>
Subject: Re: RFR 8213031: (zipfs) Add support for POSIX file permissions (was: Enhance jdk.nio.zipfs to support Posix File Permissions)
On 29/10/2018 09:26, Langer, Christoph wrote:
:
As per request from Alan, I'm adding security-dev to get a review from security perspective.
For security-dev then I think it would be better to write-up a summary of the overall proposal and the implications for applications/libraries that use the APIs and the jar tool. The security discussion points all relate to capture and propagation of file permissions.
-Alan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20181029/b3ea184d/attachment.htm>
More information about the security-dev
mailing list