On 30/06/2020 14:51, Seán Coffey wrote:
:
During the CSR review, a suggestion was made to have jarsigner
preserve such attributes by default. Warnings about these attributes
will also be added during signing and verify operations (if detected).
Yes, signing should be additive so the original proposal to drop
information from the UNIX extra block would be surprising. The
intersection of those using zip/other tools to create zip files and then
signing them with jarsigner is probably small but it would still be
confusing for signing to loose information. Having jarsigner refuse to
sign these zip files by default, with an option to override, would be a
reasonable approach. The current proposal to printing a warning seems
okay too.
I've skimmed through webrev.8218021.v5 which has this warning:
"POSIX file permission attributes detected. Note that these attributes
are unsigned and not protected by the signature."
I realize you've agreed this with the other Reviewers but I think that
"Note that these attributes are unsigned ..." is confusing as it could
be interpreted to mean that they have to be signed by some other means,
or even that the warning is because they are using unsigned values.
It might be better to tweak the second part to make it a bit clearer, up
to you but something like "These attributes are ignored when signing and
are not protected by the signature".
-Alan
