RFR: 8250968: Symlinks attributes not preserved when using jarsigner on zip files
Seán Coffey
sean.coffey at oracle.com
Sun Sep 6 19:43:33 UTC 2020
Thanks for the review Hai-May. I've implemented all your suggestions.
The CSR was approved late on Friday so I'll now submit this via PR on
github infra.
regards,
Sean.
On 28/08/2020 21:08, Hai-May Chao wrote:
> JarSigner.java #953: The output debug message can be removed from the
> code.
> JavaUtilZipFileAccess.java #44: Change posixPerms to extraAttrs.
> ZipFile.java #661: Suggest to keep the comment and update it with the
> additional 4 bits for symlink.
>
> The rest of code changes and CSR look good.
>
> Thanks,
> Hai-May
>
>
>> On Aug 28, 2020, at 7:17 AM, Seán Coffey <sean.coffey at oracle.com
>> <mailto:sean.coffey at oracle.com>> wrote:
>>
>> I've been poking around the zip internals and am now able to locate
>> the 16 bits of interest. The position of these actual bits does
>> appear to move around from one test run to another. For now, I guess
>> it's sufficient to look for the pattern of interest in the signed zip
>> file. New testcase added.
>>
>> http://cr.openjdk.java.net/~coffeys/webrev.8250968.v4/webrev/
>>
>> regards,
>> Sean.
>>
>> On 27/08/2020 15:58, Weijun Wang wrote:
>>>> Looks like it was a conscious design decision to only allow recording of POSIX permission bits for this field (& 0xFFF). I don't see anything about symlink support in zipfs docs.
>>> As long as that*byte* is there and it’s not difficult to locate, we can manually add the*bit* for symlink and see if jarsigner can keep it.
>>>
>>> —Max
>>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20200906/994ab5e3/attachment.htm>
More information about the security-dev
mailing list