RFR: 8250968: Symlinks attributes not preserved when using jarsigner on zip files
Seán Coffey
sean.coffey at oracle.com
Thu Aug 27 06:42:43 UTC 2020
Hi Max,
I looked at updating the warning string but figured that it might have
been of no interest to end users. How about this edit then ?
+ {"posix.attributes.detected", "POSIX file permission attributes
detected. These attributes are ignored when signing and are not
protected by the signature."},
>> replace with:
+ {"extra.attributes.detected", "POSIX file permission/symlink
attributes detected. These attributes are ignored when signing and are
not protected by the signature."},
regards,
Sean.
On 26/08/2020 23:15, Weijun Wang wrote:
> Are you going to update the warning text or create a new one?
>
> Thanks,
> Max
>
>> On Aug 26, 2020, at 2:26 PM, Seán Coffey <sean.coffey at oracle.com> wrote:
>>
>> This is a follow on from the recent 8218021 fix. The jarsigner tool removes symlink attribute data from zipfiles when signing them. jarsigner should preserve this data. The fix involves preserving the 16 bits associated with the file attributes (instead of the current 12). That's done in ZipFile. All other changes are just a refactor of the variable name.
>>
>> I haven't been able to automate a test for this since zipfs doesn't seem to support symlinks. Manual testing looks good.
>>
>> https://bugs.openjdk.java.net/browse/JDK-8250968
>> http://hmsjpse.uk.oracle.com/home/scoffey/ws/jdk-jdk/open/webrev.8250968/webrev/index.html
>>
>> regards,
>> Sean.
>>
More information about the security-dev
mailing list