RFR: 8352728: InternalError loading java.security due to Windows parent folder permissions [v13]

Sean Mullan mullan at openjdk.org
Tue Dec 2 14:15:58 UTC 2025 

On Fri, 28 Nov 2025 18:35:12 GMT, Francisco Ferrari Bihurriet <fferrari at openjdk.org> wrote:

>> Hi, this is a proposal to fix 8352728.
>> 
>> The main idea is to replace [`java.nio.file.Path::toRealPath`](https://docs.oracle.com/en/java/javase/24/docs/api/java.base/java/nio/file/Path.html#toRealPath(java.nio.file.LinkOption...)) by [`java.io.File::getCanonicalPath`](https://docs.oracle.com/en/java/javase/24/docs/api/java.base/java/io/File.html#getCanonicalPath()) for path canonicalization purposes. The rationale behind this decision is the following:
>> 
>> 1. In _Windows_, `File::getCanonicalPath` handles restricted permissions in parent directories. Contrarily, `Path::toRealPath` fails with `AccessDeniedException`.
>> 2. In _Linux_, `File::getCanonicalPath` handles non-regular files (e.g. `/dev/stdin`). Contrarily, `Path::toRealPath` fails with `NoSuchFileException`.
>> 
>> #### Windows Case
>> 
>> @martinuy and I tracked down the `File::getCanonicalPath` vs `Path::toRealPath` behaviour differences in _Windows_. Both methods end up calling the [`FindFirstFileW`](https://learn.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-findfirstfilew) API inside a loop for each parent directory in the path, until they include the leaf:
>> 
>> * [`File::getCanonicalPath`](https://github.com/openjdk/jdk/blob/jdk-24-ga/src/java.base/share/classes/java/io/File.java#L618 "src/java.base/share/classes/java/io/File.java:618") goes through the following stack into `FindFirstFileW`:
>>     * [`WinNTFileSystem::canonicalize`](https://github.com/openjdk/jdk/blob/jdk-24-ga/src/java.base/windows/classes/java/io/WinNTFileSystem.java#L473 "src/java.base/windows/classes/java/io/WinNTFileSystem.java:473")
>>     * [`WinNTFileSystem::canonicalize0`](https://github.com/openjdk/jdk/blob/jdk-24-ga/src/java.base/windows/native/libjava/WinNTFileSystem_md.c#L288 "src/java.base/windows/native/libjava/WinNTFileSystem_md.c:288")
>>     * [`wcanonicalize`](https://github.com/openjdk/jdk/blob/jdk-24-ga/src/java.base/windows/native/libjava/canonicalize_md.c#L233 "src/java.base/windows/native/libjava/canonicalize_md.c:233") (here is the loop)
>>     * If `FindFirstFileW` fails with `ERROR_ACCESS_DENIED`, `lastErrorReportable` is consulted, the error is [considered non-reportable](https://github.com/openjdk/jdk/blob/jdk-24-ga/src/java.base/windows/native/libjava/canonicalize_md.c#L139 "src/java.base/windows/native/libjava/canonicalize_md.c:139") and the iteration is stopped [here](https://github.com/openjdk/jdk/blob/jdk-24-ga/src/java.base/windows/native/libjava/canonicalize_md.c#L246-L250 "src/ja...
>
> Francisco Ferrari Bihurriet has updated the pull request incrementally with two additional commits since the last revision:
> 
>  - Address review comments
>  - Slightly improve ConfigFileTestDirPermissions
>    
>    Extract restrictedAcl() AutoCloseable and also use AutoCloseable for the
>    temporary directory cleanup.

test/jdk/java/security/Security/ConfigFileTestAnonymousPipes.sh line 1:

> 1: #

This test failed on linux-x64 in our test systems. Here's a snippet of the logfile:


properties[0x3|main|Security.java:160|2025-12-02 13:35:48.066]: unable to load security properties from <(echo include /dev/stdin)
java.io.FileNotFoundException: <(echo include /dev/stdin)
	at java.base/java.security.Security$SecPropLoader.loadExtraFromPath(Security.java:209)
	at java.base/java.security.Security$SecPropLoader.loadExtraHelper(Security.java:178)
	at java.base/java.security.Security$SecPropLoader.loadExtra(Security.java:157)
	at java.base/java.security.Security$SecPropLoader.loadAll(Security.java:122)
	at java.base/java.security.Security.initialize(Security.java:337)
	at java.base/java.security.Security.<clinit>(Security.java:326)
	at java.base/jdk.internal.misc.Unsafe.ensureClassInitialized0(Native Method)
	at java.base/jdk.internal.misc.Unsafe.ensureClassInitialized(Unsafe.java:1195)
	at java.base/java.lang.invoke.MethodHandles$Lookup.ensureInitialized(MethodHandles.java:2750)
	at java.base/jdk.internal.access.SharedSecrets.ensureClassInitialized(SharedSecrets.java:504)
	at java.base/jdk.internal.access.SharedSecrets.getJavaSecurityPropertiesAccess(SharedSecrets.java:320)
	at java.base/sun.launcher.SecuritySettings.printSecurityProperties(SecuritySettings.java:88)
	at java.base/sun.launcher.SecuritySettings.printSecuritySettings(SecuritySettings.java:63)
	at java.base/sun.launcher.LauncherHelper.showSettings(LauncherHelper.java:172)

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/24465#discussion_r2581371292

More information about the security-dev mailing list