Re: RFR: 8330542: Add two sample configuration files in preparation for a more secure by default configuration [v3]
On Fri, 19 Apr 2024 20:45:36 GMT, Lance Andersen wrote: >> Joe Wang has updated the pull request incrementally with one additional >> commit since the last revision: >> >> fix typo > > src/java.xml/share/conf/jaxp-compat.properties line 20: > >> 18: # JDK has switched to a strict configuration as indicated in >> jaxp-strict.properties. >> 19: # This configuration contains the same properties as those in >> jaxp-strict.properties >> 20: # except it sets them back to the current status of the JDK. Note that, >> although > > 'sets them back to the current status of the JDK' > > I think you are trying to indicate that this property file specifies the JAXP > property values that were in place prior to being More Secure? Thanks Lance for the offline discussion. Updated the description. - PR Review Comment: https://git.openjdk.org/jdk/pull/18831#discussion_r1573002287
Re: RFR: 8330542: Add two sample configuration files in preparation for a more secure by default configuration [v3]
On Fri, 19 Apr 2024 17:39:30 GMT, Joe Wang wrote: >> Add two sample configuration files: >> >> jaxp-strict.properties: used to set strict configuration, stricter than >> jaxp.properties in previous versions such as JDK 22 >> >> jaxp-compat.properties: used to regain compatibility from any more >> restricted configuration than previous versions such as JDK 22 > > Joe Wang has updated the pull request incrementally with one additional > commit since the last revision: > > fix typo src/java.xml/share/conf/jaxp-compat.properties line 12: > 10: # > 11: # jaxp-strict.properties: this file resembles what will become the > Secure-By-Default > 12: # configuration where a strict restriction is the default. This file > allows strict restriction needs rewording. Perhaps something that indicates that this property file provides settings that will be equivalent to that will be the default JAXP settings in a future release to make the use of JAXP more secure out of the box src/java.xml/share/conf/jaxp-compat.properties line 20: > 18: # JDK has switched to a strict configuration as indicated in > jaxp-strict.properties. > 19: # This configuration contains the same properties as those in > jaxp-strict.properties > 20: # except it sets them back to the current status of the JDK. Note that, > although 'sets them back to the current status of the JDK' I think you are trying to indicate that this property file specifies the JAXP property values that were in place prior to being More Secure? - PR Review Comment: https://git.openjdk.org/jdk/pull/18831#discussion_r1572927195 PR Review Comment: https://git.openjdk.org/jdk/pull/18831#discussion_r1572940722
Re: RFR: 8330542: Add two sample configuration files in preparation for a more secure by default configuration [v3]
> Add two sample configuration files: > > jaxp-strict.properties: used to set strict configuration, stricter than > jaxp.properties in previous versions such as JDK 22 > > jaxp-compat.properties: used to regain compatibility from any more > restricted configuration than previous versions such as JDK 22 Joe Wang has updated the pull request incrementally with one additional commit since the last revision: fix typo - Changes: - all: https://git.openjdk.org/jdk/pull/18831/files - new: https://git.openjdk.org/jdk/pull/18831/files/98fcc3ef..e6386015 Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk&pr=18831&range=02 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=18831&range=01-02 Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod Patch: https://git.openjdk.org/jdk/pull/18831.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/18831/head:pull/18831 PR: https://git.openjdk.org/jdk/pull/18831