But someone could modify the default permissions and take out the
PropertyPermission for "os.name", right?
Mandy
On 7/15/2014 6:19 PM, Wang Weijun wrote:
There is no permission needed to get the "os.name" property. The global
jre/lib/security/java.policy file also granted all codes to get tha
There is no permission needed to get the "os.name" property. The global
jre/lib/security/java.policy file also granted all codes to get that.
--Max
On Jul 15, 2014, at 23:27, Sean Mullan wrote:
> 2. The code on lines 65-69 introduces an undesirable dependency on
> sun.security.action for the
Code change looks fine. I guess this belongs to the category of minor
clarification that does not need a CCC?
--Max
On Jul 16, 2014, at 4:59, Sean Mullan wrote:
> Please review this simple fix to clarify the SignatureException thrown by
> SignedObject.verify:
>
> http://cr.openjdk.java.net/~
Please review this simple fix to clarify the SignatureException thrown
by SignedObject.verify:
http://cr.openjdk.java.net/~mullan/webrevs/4867890/webrev.00/
Thanks,
Sean
I would also get Valerie's review before you push this since she is more
familiar with this area, but I have a couple of comments:
1. Please add an appropriate noreg label to the bug.
2. The code on lines 65-69 introduces an undesirable dependency on
sun.security.action for the JDK 9 modulariz
Looks fine to me.
Thanks,
Xuelei
On 7/15/2014 1:24 AM, Seán Coffey wrote:
> Looking to backport this change to jdk7u-dev. Best security practice
> would be to lower the preference ordering of RC4 ciphersuites. This is
> work that's already in progress for JDK 8u and JDK 9.
>
> For JDK 7u, I'd al
