On Fri, 14 Oct 2022 17:27:34 GMT, Aleksei Efimov <aefi...@openjdk.org> wrote:
>> src/java.base/share/conf/security/java.security line 1388:
>>
>>> 1386: # are unused.
>>> 1387: #
>>> 1388: # Each class name pattern is matched against the factory class name
>>> to allow or disallow its
>>
>> It appears that for those protocols for which there is no specific filter, a
>> factory class will be accepted only if the global filter returns ALLOWED -
>> which contradicts what is written here (where it says that the class is
>> allowed if it's not REJECTED). Is this something that has changed with this
>> fix - or was the documentation wrong before?
>
> Very good catch Daniel! It is with this fix and I believe the code needs to
> be change to match what is written for the global filter here:
> What we've had before in `checkInput`:
>
> private static boolean checkInput(FactoryInfo factoryInfo) {
> Status result = GLOBAL.checkInput(factoryInfo);
> return result != Status.REJECTED;
>
> What we have now:
>
> if (filter == GLOBAL_FILTER) {
> return globalResult == Status.ALLOWED;
> }
>
>
> I think it needs to be changed to (to match the description for global
> filter):
>
> if (filter == GLOBAL_FILTER) {
> return globalResult != Status.REJECTED;
> }
In the general composition of filters, it is preferable that UNDECIDED is
treated as REJECTED.
That keeps unintentional holes in a filter from being permissive.
-------------
PR: https://git.openjdk.org/jdk/pull/10578
