RFR: 8218021: jarsigner strips the execute permission when signing a .zip file

[Seán Coffey]

Thanks Lance.

I've updated the patch with some extra offline feedback from yourself 
and Max.
A new warning is printed with use of the new flag. A warning is also 
printed when file posix permissions are detected on resources being 
signed. Test updated for that also.

https://cr.openjdk.java.net/~coffeys/webrev.8218021.v3/webrev/

regards,
Sean.

On 12/06/2020 17:05, Lance Andersen wrote:
> Hi Sean,
>
> I think your changes look fine so all good FMPOV.
>
> Best
> Lance
>
>> On Jun 12, 2020, at 6:21 AM, Seán Coffey <sean.coffey at oracle.com 
>> <mailto:sean.coffey at oracle.com>> wrote:
>>
>> Hi,
>>
>> I'd like to reboot this jarsigner enhancement request[1]. I've 
>> removed the problem references to zip file name extensions. Instead, 
>> there's a new JDK implementation specific jarsigner option: 
>> -keepposixperms
>>
>> https://bugs.openjdk.java.net/browse/JDK-8218021
>> https://cr.openjdk.java.net/~coffeys/webrev.8218021.v2/webrev/
>>
>> regards,
>> Sean.
>>
>> [1] 
>> http://mail.openjdk.java.net/pipermail/security-dev/2020-January/021141.html
>>
>
> <http://oracle.com/us/design/oracle-email-sig-198324.gif>
> <http://oracle.com/us/design/oracle-email-sig-198324.gif><http://oracle.com/us/design/oracle-email-sig-198324.gif>
> <http://oracle.com/us/design/oracle-email-sig-198324.gif>Lance 
> Andersen| Principal Member of Technical Staff | +1.781.442.2037
> Oracle Java Engineering
> 1 Network Drive
> Burlington, MA 01803
> Lance.Andersen at oracle.com <mailto:Lance.Andersen at oracle.com>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20200622/44d713fa/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: oracle_sig_logo.gif
Type: image/gif
Size: 658 bytes
Desc: not available
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20200622/44d713fa/oracle_sig_logo.gif>