On Thu, 29 Jan 2026 20:38:08 GMT, Naoto Sato <[email protected]> wrote:

>> A new security/system property added to determine whether Java can read 
>> password from `System.in` if a console is not available.
>
> src/java.base/share/classes/sun/security/util/Password.java line 75:
> 
>> 73:                 } else if (in == System.in && !ALLOW_STDIN) {
>> 74:                     throw new UnsupportedOperationException("Console not 
>> available." +
>> 75:                             " Reading passwords from System.in is 
>> disallowed.");
> 
> Although I understand the meaning of this error, it might be a bit cryptic to 
> the user. Using the term "password input from non-interactive terminal" or 
> something along the lines might be easier.
> 
> Anyway, this "else if" clause can be merged with the following "else if", as 
> "in == System.in" is repeated.

Can we just say "from standard input"? I'm not sure "non-interactive terminal" 
is precise. And yes, I can put another level of `if` there.

> src/java.base/share/conf/security/java.security line 1729:
> 
>> 1727: # environment variable or a file.
>> 1728: #
>> 1729: #jdk.security.password.allowSystemIn = true
> 
> Should this be uncommented? Otherwise the default value is `null`

This is our usual pattern in `java.security`. By commenting out the line, the 
property read is null but internally treated as "true".

> test/jdk/sun/security/tools/keytool/AllowSystemIn.java line 29:
> 
>> 27:  * @summary Restrict Password::readPassword from reading from System.in
>> 28:  * @library /test/lib
>> 29:  * @run main AllowSystemIn succeed
> 
> Adding tests to check the system property value (should either be `true` or 
> `false`) would be helpful, as well as setting it to a bogus one.

I can add a bogus value but in a lot of cases the behavior is undefined. It 
could fail early or at call time. Anyway, this is an implementation detail 
and I can always adjust the test later.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/29490#discussion_r2743645058
PR Review Comment: https://git.openjdk.org/jdk/pull/29490#discussion_r2743649789
PR Review Comment: https://git.openjdk.org/jdk/pull/29490#discussion_r2743654112
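
The gate discussed in this thread, as an added sketch that is not part of the original message and is not the JDK's `Password.java`: a commented-out `jdk.security.password.allowSystemIn` reads as null and is treated as true, and reading from `System.in` without a console is refused when the value is false. The class and method names are hypothetical, and rejecting a bogus value up front is an assumption, since the thread leaves that behavior undefined.

```java
import java.io.ByteArrayInputStream;
import java.io.Console;
import java.io.IOException;
import java.io.InputStream;
import java.security.Security;
import java.util.Arrays;
// Added sketch, not the JDK's Password.java; class and method names are hypothetical.
public class StdinPasswordGate {
    static final String PROP = "jdk.security.password.allowSystemIn"; // name from the thread
    // A commented-out entry reads as null and is treated as "true".
    // Assumption: any other value is rejected up front (the thread leaves this undefined).
    static boolean allowStdin(String raw) {
        if (raw == null || raw.equalsIgnoreCase("true")) return true;
        if (raw.equalsIgnoreCase("false")) return false;
        throw new IllegalArgumentException("Invalid " + PROP + " value: " + raw);
    }
    static char[] readPassword(InputStream in, Console console, boolean allow) throws IOException {
        if (in == System.in) {
            if (console != null) return console.readPassword(); // echo disabled
            if (!allow) throw new UnsupportedOperationException("Console not available."
                    + " Reading passwords from System.in is disallowed.");
        }
        // Stream fallback: one line, bytes widened as ISO-8859-1 (a simplification).
        char[] buf = new char[64];
        int n = 0, b;
        while ((b = in.read()) != -1 && b != '\n') {
            if (b == '\r') continue;
            if (n == buf.length) {
                char[] bigger = Arrays.copyOf(buf, n * 2);
                Arrays.fill(buf, '\0'); // wipe the outgrown buffer
                buf = bigger;
            }
            buf[n++] = (char) b;
        }
        char[] out = Arrays.copyOf(buf, n);
        Arrays.fill(buf, '\0'); // do not leave a copy in the scratch buffer
        return out;
    }
    public static void main(String[] args) throws IOException {
        System.out.println("configured: " + allowStdin(Security.getProperty(PROP)));
        InputStream file = new ByteArrayInputStream("s3cret\n".getBytes()); // constructed input
        System.out.println(readPassword(file, null, false).length + " chars from non-stdin stream");
        try {
            readPassword(System.in, null, false); // no console, stdin disallowed
        } catch (UnsupportedOperationException e) {
            System.out.println("refused: " + e.getMessage());
        }
    }
}
```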
