[
https://issues.apache.org/jira/browse/CRYPTO-90?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sebb updated CRYPTO-90:
-----------------------
Description:
The Utils class reads properties from a properties file if it exists, and adds
them to the set of System properties.
There are several problems with this:
- there's no way of knowing exactly when the properties will be processed,
because it depends when the Utils class is first used
- generally it's a bad idea to update System properties.
- updates to System properties require additional privileges, so the behaviour
of the code will depend on the environment in which it is run.
- the code catches Throwable, which is not allowed.
If there is a use case for supporting a properties file, it should be processed
at a predictable stage in the code, should be done before command-line
parameters are processed, and should not require updating System properties.
was:
The Utils class reads properties from a properties file if it exists, and adds
them to the set of System properties.
There are several problems with this:
- there's no way of knowing exactly when the properties will be processed,
because it depends when the Utils class is first used
- generally it's a bad idea to update System properties.
- the properties file will replace any properties defined on the Java
command-line; normally command-line parameters take precedence.
- updates to System properties require additional privileges, so the behaviour
of the code will depend on the environment in which it is run.
- the code catches Throwable, which is not allowed.
If there is a use case for supporting a properties file, it should be processed
at a predictable stage in the code, should be done before command-line
parameters are processed, and should not require updating System properties.
> Utils loads system properties during class loading
> --------------------------------------------------
>
> Key: CRYPTO-90
> URL: https://issues.apache.org/jira/browse/CRYPTO-90
> Project: Commons Crypto
> Issue Type: Bug
> Reporter: Sebb
>
> The Utils class reads properties from a properties file if it exists, and
> adds them to the set of System properties.
> There are several problems with this:
> - there's no way of knowing exactly when the properties will be processed,
> because it depends when the Utils class is first used
> - generally it's a bad idea to update System properties.
> - updates to System properties require additional privileges, so the
> behaviour of the code will depend on the environment in which it is run.
> - the code catches Throwable, which is not allowed.
> If there is a use case for supporting a properties file, it should be
> processed at a predictable stage in the code, should be done before
> command-line parameters are processed, and should not require updating System
> properties.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
