RFR: 8319332: Security properties files inclusion [v17]
Weijun Wang
weijun at openjdk.org
Wed Aug 7 16:08:38 UTC 2024
On Tue, 6 Aug 2024 23:52:04 GMT, Martin Balao <mbalao at openjdk.org> wrote:
>> May be. This is a public API that only documents `SecurityException` for cases in which there is a Security Manager and `NullPointerException` for cases in which either the key or the value are `null`. Wouldn't be the exact case here, unless we stretch it a bit and document a new type of unchecked exception. I was thinking of `IllegalArgumentException`. What do you think?
>
> Proposed a change here: https://github.com/openjdk/jdk/pull/16483/commits/530bd81c2a73a39f00c6ba9524752f30600cd04d
I like this.
Just wondering, shall we throw IAE if `getProperty("include")` is called as well? In a very rare case that someone is already using it in `java.security` file and the value happens to be an existing file name, then this will catch it when the user is trying to read it.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/16483#discussion_r1707349735
More information about the security-dev
mailing list