> On 8/4/17 11:12 AM, Alan Bateman wrote: >> On 04/08/2017 07:59, Jiri Vanek wrote: >>> Hello! >>> >>> I'm packaging openjdk9 for Fedora, and following files: >>> jdk/lib/security/blacklisted.certs >>> jdk/lib/security/default.policy >>> >>> Seems to be config files. Still, they are in lib/security, whether all >>> other config files were (finally! Thank you!) moved to >>> jdk/conf/ >>> and its subdirectories. Is it intentional? Why so? Are there plans to >>> change it? >> cc'ing security-dev in case there is more needed on this but in summary, >> these are not intended to be edited so this is why they are in the `lib` >> rather than `conf` directory. > > Yes, Alan is correct. The default.policy file contains the permissions > granted by default to the modules included in the JDK (that are loaded > by the platform loader) and blacklisted.certs contains a system-wide > list of certificates that are distrusted by the CertPath implementation > in the JDK. They are not configuration files, they are generally meant > to be files that typically never need to be modified.
TYVM! J. Thanks, Sean
