FilePermission Canonical path optimization
deven you
ydwchina at gmail.com
Mon Feb 9 05:27:16 UTC 2015
Hi Weijun,
>From my understanding, the new proposal will let implies method only
depends on the absolute path in policy file, correct? So it's user's
responsibility to ensure files who want to access is relative to the
absolute path in some policy file?
I personal agree this proposal. Is there any doc or link for this new
proposal? Or if you can update the information for this proposal here, I
will be very appreciate!
Thanks a lot!
2015-02-09 11:51 GMT+08:00 Wang Weijun <weijun.wang at oracle.com>:
>
> > On Feb 9, 2015, at 11:22, deven you <ydwchina at gmail.com> wrote:
> >
> > Hi Weijun,
> >
> > I see JDK-4141872 marked as Not an Issue, is there any further task
> continue, or there is any link else to track this problem to remove the
> canonical path?
>
> It was marked as Not an Issue, but we are reconsidering about it.
>
> >
> > It's a big improvement if canonical path can be totally removed but I
> can't figure out how we get the result of the implies* methods without
> canonical path? Any more detail?
>
> The current proposed idea is that if you want to access a file using
> absolute path, you should add a FilePermission line in the policy file with
> an absolute path. If relative, relative. The overall idea is that the
> implies method should be implemented without consulting the actual file
> system but only by looking at the names themselves.
>
> That's why I said there is a very big incompatible change. We hope people
> only needs to modify their policy files and do not need to rewrite their
> apps, but we are still investigating if this can always be true.
>
> Thanks
> Max
>
> >
> > Thanks a lot!
>
>
More information about the core-libs-dev
mailing list