Thanks Lance.
I've updated the patch with some extra offline feedback from yourself
and Max.
A new warning is printed with use of the new flag. A warning is also
printed when file posix permissions are detected on resources being
signed. Test updated for that also.
https://cr.openjdk.java.net/~coffeys/webrev.8218021.v3/webrev/
regards,
Sean.
On 12/06/2020 17:05, Lance Andersen wrote:
Hi Sean,
I think your changes look fine so all good FMPOV.
Best
Lance
On Jun 12, 2020, at 6:21 AM, Seán Coffey <[email protected]
<mailto:[email protected]>> wrote:
Hi,
I'd like to reboot this jarsigner enhancement request[1]. I've
removed the problem references to zip file name extensions. Instead,
there's a new JDK implementation specific jarsigner option:
-keepposixperms
https://bugs.openjdk.java.net/browse/JDK-8218021
https://cr.openjdk.java.net/~coffeys/webrev.8218021.v2/webrev/
regards,
Sean.
[1]
http://mail.openjdk.java.net/pipermail/security-dev/2020-January/021141.html
<http://oracle.com/us/design/oracle-email-sig-198324.gif>
<http://oracle.com/us/design/oracle-email-sig-198324.gif><http://oracle.com/us/design/oracle-email-sig-198324.gif>
<http://oracle.com/us/design/oracle-email-sig-198324.gif>Lance
Andersen| Principal Member of Technical Staff | +1.781.442.2037
Oracle Java Engineering
1 Network Drive
Burlington, MA 01803
[email protected] <mailto:[email protected]>
