Re: RFR: 8271566: DSA signature length value is not accurate in P11Signature [v2]

2021-11-18 Thread Valerie Peng
On Thu, 18 Nov 2021 19:27:30 GMT, Martin Balao wrote: > > > Hi @valeriepeng , > > Some comments and questions regarding Webrev.01: > > * P11Key.java > > * Would you consider replacing the 'Internal' suffix with 'Opaque'? I > believe the term 'opaque' better reflects what these keys

RFR: JDK-8276447 Deprecate finalization-related methods for removal

2021-11-18 Thread Brent Christian
Here are the code changes for the "Deprecate finalizers in the standard Java API" portion of JEP 421 ("Deprecate Finalization for Removal") for code review. This change makes the indicated deprecations, and updates the API spec for JEP 421. It also updates the relevant @SuppressWarning

Re: Fwd: new hurdle for applications which programatically install a SecurityManager

2021-11-18 Thread Rick Hillegas
Thanks for the quick response and for the pointer to https://bugs.openjdk.java.net/browse/JDK-8203316 The change in the default value of java.security.manager prevents Derby from installing a SecurityManager when the user forgets to. This increases Derby's attack surface, significantly in my

Re: RFR: 8274333: Redundant null comparison after Pattern.split

2021-11-18 Thread Iris Clark
On Sun, 26 Sep 2021 15:10:52 GMT, Andrey Turbanov wrote: > In a couple of classes, result part of arrays of Pattern.split is compared with > `null`. Pattern.split (and hence String.split) never returns `null` in array > elements. Such comparisons are redundant. Marked as reviewed by iris

Re: RFR: 8271566: DSA signature length value is not accurate in P11Signature [v2]

2021-11-18 Thread Martin Balao
On Thu, 18 Nov 2021 18:37:38 GMT, Valerie Peng wrote: >>> > ``` >>> > * By eliminating P11RSAPrivateKey::getModulus, looks to me that >>> > P11PrivateKeyRSA::getModulus and P11PrivateKeyRSA::fetchValues are now >>> > called, leading to an unnecessary call to the native library as the >>> >

Re: RFR: 8274333: Redundant null comparison after Pattern.split

2021-11-18 Thread Roger Riggs
On Sun, 26 Sep 2021 15:10:52 GMT, Andrey Turbanov wrote: > In a couple of classes, result part of arrays of Pattern.split is compared with > `null`. Pattern.split (and hence String.split) never returns `null` in array > elements. Such comparisons are redundant. Marked as reviewed by rriggs

Re: Fwd: new hurdle for applications which programatically install a SecurityManager

2021-11-18 Thread Sean Mullan
On 11/18/21 1:22 PM, Rick Hillegas wrote: Here's the output I get when I run that program against 18-ea+23-1525 WITHOUT setting java.security.manager on the boot command line: Exception in thread "main" java.lang.UnsupportedOperationException: The Security Manager is deprecated and will be

Re: RFR: 8275887: jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled [v2]

2021-11-18 Thread Weijun Wang
On Thu, 18 Nov 2021 15:03:33 GMT, Sean Mullan wrote: >> We should, but the problem is that jarsigner needs to individually test each >> algorithm, so it can properly display which algorithm is restricted. So, I >> think it will need to parse the RSASSA params itself, and then call the >>

Re: RFR: 8275887: jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled [v2]

2021-11-18 Thread Weijun Wang
On Tue, 16 Nov 2021 18:10:04 GMT, Sean Mullan wrote: >> When a signature/digest algorithm was being checked, the algorithm >> constraints checked both the signature/digest algorithm and the key to see >> if they were restricted. This caused duplicate checks and was also >> problematic for

Re: RFR: 8271566: DSA signature length value is not accurate in P11Signature [v2]

2021-11-18 Thread Valerie Peng
On Wed, 17 Nov 2021 21:25:33 GMT, Martin Balao wrote: > > > > > ``` > > > * By eliminating P11RSAPrivateKey::getModulus, looks to me that > > > P11PrivateKeyRSA::getModulus and P11PrivateKeyRSA::fetchValues are now > > > called, leading to an unnecessary call to the native library as the >

Fwd: new hurdle for applications which programatically install a SecurityManager

2021-11-18 Thread Rick Hillegas
Re-sending from the account linked to my security-dev subscription Forwarded Message Build 18-ea+23-1525 has introduced another hurdle for applications which use the SecurityManager. In order to install a SecurityManager, you now have to set -Djava.security.manager=allow

new hurdle for applications which programatically install a SecurityManager

2021-11-18 Thread Richard Hillegas
Build 18-ea+23-1525 has introduced another hurdle for applications which use the SecurityManager. In order to install a SecurityManager, you now have to set -Djava.security.manager=allow on the boot command line. This property cannot be set programmatically, unlike the other system properties

Re: RFR: 8275887: jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled [v2]

2021-11-18 Thread Sean Mullan
On Tue, 16 Nov 2021 17:53:16 GMT, Sean Mullan wrote: >> src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java line >> 1491: >> >>> 1489: private static String checkWeakAlg(String alg, >>> CertPathConstraintsParameters cpcp) { >>> 1490: try { >>> 1491:

Integrated: 4337793: Mark non-serializable fields of java.security.cert.Certificate and CertPath

2021-11-18 Thread Sean Mullan
On Mon, 15 Nov 2021 17:03:51 GMT, Sean Mullan wrote: > Please review this 20+ year old bug (!), which marks the non-serializable > fields of Certificate and CertPath with the transient modifier. These classes > use an alternate serialization mechanism by overriding the writeReplace > method.