RFR: 8352728: InternalError loading java.security due to Windows parent folder permissions [v14]

Fri Dec 5 22:37:00 UTC 2025

On Fri, 5 Dec 2025 20:37:14 GMT, Francisco Ferrari Bihurriet <fferrari at openjdk.org> wrote:

>> OpenSSH [defines to possible base paths for relative `Include` keywords](https://man7.org/linux/man-pages/man5/ssh_config.5.html#Include:~:text=Files%20without%20absolute%20paths,system%20configuration%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20file%2e):
>>> Files without absolute paths are assumed to be in `~/.ssh` if included in a user configuration file or `/etc/ssh` if included from the system configuration file.
>
> Apache HTTP Server [resolves against the defined `ServerRoot` directory](https://httpd.apache.org/docs/current/mod/core.html#include:~:text=Or%2C%20providing%20paths,conf/vhosts/*.conf):
>> Or, providing paths relative to your [`ServerRoot`](https://httpd.apache.org/docs/current/mod/core.html#serverroot) directory:
>>
>>     Include conf/ssl.conf
>>     Include conf/vhosts/*.conf

I have pushed the changes to proceed without resolution (9f298af59431507a66e3141c54abb59fcf3666f6, 2a012397baf0599e7dbe209975b3b353c3de5617, 1178544bda12bb4a6cd4d4400dad618292f29151, c33bf62c2831acefd90ec476fcfb6d853be873ee).

Since we are no longer resolving paths, we can incur in some relative paths complexity, which is perhaps not very friendly in debug message logs. Each relative include can potentially introduce some `../`, which will accumulate if paths are not resolved.

So we can end with paths like the following one:

/basedir/jdk/conf/security/../../../properties/dir1/../../jdk/conf/security/other.properties


Which could be simply logged as:

/basedir/jdk/conf/security/other.properties


So even when I already adjusted the test case, is perhaps better to undo the test changes and try to beautify the paths in debugging messages (but with `LinkOption.NOFOLLOW_LINKS`, to avoid confusion):

diff --git a/src/java.base/share/classes/java/security/Security.java b/src/java.base/share/classes/java/security/Security.java
index 36021f42862..533072b0d08 100644
--- a/src/java.base/share/classes/java/security/Security.java
+++ b/src/java.base/share/classes/java/security/Security.java
@@ -311,8 +311,13 @@ private static void loadFromUrl(URL url, LoadingMode mode)
         private static void debugLoad(boolean start, Object source) {
             if (sdebug != null) {
+                if (source instanceof Path path) {
+                    try {
+                        source = path.toRealPath(LinkOption.NOFOLLOW_LINKS);
+                    } catch (IOException ignore) {}
+                }
                 int level = activePaths.isEmpty() ? 1 : activePaths.size();
                 sdebug.println((start ?
                         ">".repeat(level) + " starting to process " :
                         "<".repeat(level) + " finished processing ") + source);
             }
         }



NOTE: even with `LinkOption.NOFOLLOW_LINKS`, `path.toRealPath()` fails for the problematic cases, so it would be just a best effort to make the paths clearer for the user.

What do you think?

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/24465#discussion_r2594151432
