RFR: 8250968: Symlinks attributes not preserved when using jarsigner on zip files

Seán Coffey sean.coffey at oracle.com
Thu Aug 27 06:42:43 UTC 2020


Hi Max,

I looked at updating the warning string but figured that it might have 
been of no interest to end users. How about this edit then ?

+        {"posix.attributes.detected", "POSIX file permission attributes 
detected. These attributes are ignored when signing and are not 
protected by the signature."},

 >> replace with:
+        {"extra.attributes.detected", "POSIX file permission/symlink 
attributes detected. These attributes are ignored when signing and are 
not protected by the signature."},

regards,
Sean.

On 26/08/2020 23:15, Weijun Wang wrote:
> Are you going to update the warning text or create a new one?
>
> Thanks,
> Max
>
>> On Aug 26, 2020, at 2:26 PM, Seán Coffey <sean.coffey at oracle.com> wrote:
>>
>> This is a follow on from the recent 8218021 fix. The jarsigner tool removes symlink attribute data from zipfiles when signing them. jarsigner should preserve this data. The fix involves preserving the 16 bits associated with the file attributes (instead of the current 12). That's done in ZipFile. All other changes are just a refactor of the variable name.
>>
>> I haven't been able to automate a test for this since zipfs doesn't seem to support symlinks. Manual testing looks good.
>>
>> https://bugs.openjdk.java.net/browse/JDK-8250968
>> http://hmsjpse.uk.oracle.com/home/scoffey/ws/jdk-jdk/open/webrev.8250968/webrev/index.html
>>
>> regards,
>> Sean.
>>


More information about the security-dev mailing list