Don't get me wrong, it's good that OpenJDK is improving encapsulation,
it's just OpenJDK is also undoing years of tested and hardened API's,
that we're expected to come up with DIY solutions for, with zero care
from OpenJDK and some very bad examples of alternative solutions, not to
mention a c
It looks like you got their attention. :)
Although we've had the assurance from OpenJDK that we could implement an
authorization framework using StackWalker and agents, I've found it's
not feasible, since privileged actions will be lost and there will be no
support from OpenJDK, it would destr
On Wed, 14 Jun 2023 04:53:58 GMT, David Holmes wrote:
> Updated the version to 22-ea and year to 2024.
>
> The following unpublished changes will also be included in this update:
> - [JDK-8290626](https://bugs.openjdk.org/browse/JDK-8290626): keytool manpage
> contains a special character
> - [
> Updated the version to 22-ea and year to 2024.
>
> The following unpublished changes will also be included in this update:
> - [JDK-8290626](https://bugs.openjdk.org/browse/JDK-8290626): keytool manpage
> contains a special character
> - [JDK-8303928](https://bugs.openjdk.org/browse/JDK-8303928
On Wed, 14 Jun 2023 04:53:58 GMT, David Holmes wrote:
> Updated the version to 22-ea and year to 2024.
>
> The following unpublished changes will also be included in this update:
> - [JDK-8290626](https://bugs.openjdk.org/browse/JDK-8290626): keytool manpage
> contains a special character
> - [
On Wed, 14 Jun 2023 04:53:58 GMT, David Holmes wrote:
> Updated the version to 22-ea and year to 2024.
>
> The following unpublished changes will also be included in this update:
> - [JDK-8290626](https://bugs.openjdk.org/browse/JDK-8290626): keytool manpage
> contains a special character
> - [
> New functionality in the -XshowSettings menu to display relevant information
> about JDK security configuration
Sean Coffey has updated the pull request incrementally with one additional
commit since the last revision:
Don't allow bad subcommand values for security component
-
On Mon, 19 Jun 2023 18:21:49 GMT, Roger Riggs wrote:
>> @RogerRiggs - do you mean to print nothing in the "bad command input"
>> scenario ? The current -XshowSettings launch behaviour prints all data if a
>> bad value is passed to it. I was mimicking this for security subcommands.
>>
>> Are
On Mon, 19 Jun 2023 16:11:12 GMT, Sean Coffey wrote:
>> src/java.base/share/classes/sun/launcher/SecuritySettings.java line 66:
>>
>>> 64: ostream.println("Unrecognized security subcommand. See
>>> \"java -X\" for help");
>>> 65: ostream.println("Printing all sec
On Fri, 16 Jun 2023 11:23:48 GMT, Alan Bateman wrote:
>> Sean Coffey has updated the pull request incrementally with two additional
>> commits since the last revision:
>>
>> - Refactor out security code to helper class
>> - Print aliases. Order Provider type/service output.
>
> src/java.base/
On Tue, 13 Jun 2023 20:36:28 GMT, Anthony Scarpino
wrote:
> Hi,
>
> I need a code review for moving the contents of the jdk.crypto.ec module into
> java.base. This moves the SunEC JCE Provider (Elliptic Curve) into
> java.base. EC has always been separate from the base module/pkg because of
On Fri, 16 Jun 2023 15:15:59 GMT, Roger Riggs wrote:
>> Sean Coffey has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Pass PrintStream to security helper
>
> src/java.base/share/classes/sun/launcher/SecuritySettings.java line 66:
>
>> 64:
On Sat, 17 Jun 2023 01:51:36 GMT, Weijun Wang wrote:
>> Sean Coffey has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Pass PrintStream to security helper
>
> src/java.base/share/classes/sun/launcher/SecuritySettings.java line 93:
>
>> 91:
On Fri, 16 Jun 2023 11:23:48 GMT, Alan Bateman wrote:
>> Sean Coffey has updated the pull request incrementally with two additional
>> commits since the last revision:
>>
>> - Refactor out security code to helper class
>> - Print aliases. Order Provider type/service output.
>
> src/java.base/
> New functionality in the -XshowSettings menu to display relevant information
> about JDK security configuration
Sean Coffey has updated the pull request incrementally with two additional
commits since the last revision:
- restore more informative help message
- Split long properties for ; a
On Sat, 17 Jun 2023 00:41:32 GMT, Vladimir Ivanov wrote:
>> Cesar Soares Lucas has updated the pull request with a new target base due
>> to a merge or a rebase. The pull request now contains 19 commits:
>>
>> - Merge branch 'openjdk:master' into rematerialization-of-merges
>> - Rome minor re
> On 19 Jun 2023, at 12:48, Peter Firmstone wrote:
>
> For most Java developers, and Jvm users, it means that all Java bytecodes
> need to be audited and trusted,
That has always been the case for *server* applications because SecurityManager
has never protected against some of the most com
On 6/19/23 2:19 AM, Alan Bateman wrote:
On Mon, 19 Jun 2023 05:46:34 GMT, Anthony Scarpino
wrote:
From what I was told, the native library was one of the reasons it was not in
the base pkg before modularization and just remained so afterwards.
Maybe you are thinking about the size of l
On 2023-06-19 07:48, Peter Firmstone wrote:
Having an authorization layer, made it more difficult for attackers
to gain access to sensitive information, such as properties, especially
if you were using policy files with least privilege principles.
Agreed. I hope it did not seem as if my recent
For most Java developers, and Jvm users, it means that all Java
bytecodes need to be audited and trusted, to be fair OpenJDK provide
flight recorder and other tools. The drawback of this approach, is that
Java allows dynamic code downloads, attackers will attempt to introduce
gadgets, or injec
20 matches
Mail list logo
