RFR: 8250968: Symlinks attributes not preserved when using jarsigner on zip files

Weijun Wang WEIJUN.WANG at ORACLE.COM
Fri Aug 28 15:18:18 UTC 2020


1. Add a comment on how to generate ZIPBYTES in the test. Not the byte[] declaration but how the original ZIP file is generated.

2. Does this require a CSR? The POSIX permission one had one.

Thanks,
Max

> On Aug 28, 2020, at 10:17 AM, Seán Coffey <sean.coffey at oracle.com> wrote:
> 
> I've been poking around the zip internals and am now able to locate the 16 bits of interest. The position of these actual bits does appear to move around from one test run to another. For now, I guess it's sufficient to look for the pattern of interest in the signed zip file. New testcase added.
> 
> http://cr.openjdk.java.net/~coffeys/webrev.8250968.v4/webrev/
> 
> regards,
> Sean.
> 
> On 27/08/2020 15:58, Weijun Wang wrote:
>>> Looks like it was a conscious design decision to only allow recording of POSIX permission bits for this field (& 0xFFF). I don't see anything about symlink support in zipfs docs.
>>> 
>> As long as that *byte* is there and it’s not difficult to locate, we can manually add the *bit*
>>  for symlink and see if jarsigner can keep it.
>> 
>> —Max
>> 
>> 



More information about the security-dev mailing list