Thanks Lance.
I've updated the patch with some extra offline feedback from yourself
and Max.
A new warning is printed with use of the new flag. A warning is also
printed when file posix permissions are detected on resources being
signed. Test updated for that also.
https://cr.openjdk.java.net/~coffeys/webrev.8218021.v3/webrev/
regards,
Sean.
On 12/06/2020 17:05, Lance Andersen wrote:
Hi Sean,
I think your changes look fine so all good FMPOV.
Best
Lance
On Jun 12, 2020, at 6:21 AM, Seán Coffey <sean.cof...@oracle.com
<mailto:sean.cof...@oracle.com>> wrote:
Hi,
I'd like to reboot this jarsigner enhancement request[1]. I've
removed the problem references to zip file name extensions. Instead,
there's a new JDK implementation specific jarsigner option:
-keepposixperms
https://bugs.openjdk.java.net/browse/JDK-8218021
https://cr.openjdk.java.net/~coffeys/webrev.8218021.v2/webrev/
regards,
Sean.
[1]
http://mail.openjdk.java.net/pipermail/security-dev/2020-January/021141.html
<http://oracle.com/us/design/oracle-email-sig-198324.gif>
<http://oracle.com/us/design/oracle-email-sig-198324.gif><http://oracle.com/us/design/oracle-email-sig-198324.gif>
<http://oracle.com/us/design/oracle-email-sig-198324.gif>Lance
Andersen| Principal Member of Technical Staff | +1.781.442.2037
Oracle Java Engineering
1 Network Drive
Burlington, MA 01803
lance.ander...@oracle.com <mailto:lance.ander...@oracle.com>
