Nathan Beyer wrote:
Is there a downstream secirity check that would be less efficient? Maybe
the comment is just about perf.
I checked java.io.FilePermission, seems there is no code using "==" to
test the path.
Sent from my iPhone
On Mar 23, 2009, at 4:23 AM, Regis <[email protected]> wrote:
Deven You wrote:
I think only return tempPath is ok.
Thanks, I suppose so. Just to make sure it's safe to remove the
"unnecessary" check. Any security gurus have different thoughts?
2009/3/23 Regis <[email protected]>
Hi,
I noticed some code in File.fixSlashes:
String tempPath = new String(newPath, 0, newLength);
// If it's the same keep it identical for SecurityManager
purposes
if (!tempPath.equals(origPath)) {
return tempPath;
}
return origPath;
It could be simplified in logic as
return new String(newPath, 0, newLength);
But comments said it's for security reason, I'm not familiar with
security,
are there any cases we must keep the same String reference?
--
Best Regards,
Regis.
--
Best Regards,
Regis.
--
Best Regards,
Regis.
