Thanks, Sean.
Here is an updated webrev with your suggested changes. I've also added
tests here, and will no longer be adding tests for this changeset to the
closed repo.
http://cr.openjdk.java.net/~juh/8046724/01/
Thanks,
Jason
On 12/18/2014 07:02 AM, Sean Mullan wrote:
Just a few comments
Hello Jeff,
Sorry for the delayed response.
Regarding privilege escalation and class loading, our observation was
that many Java exploits have an exploit class and a separate payload
class. The exploit class typically attacks a vulnerability with the
outcome that the payload class is loaded w
Thanks for the code reviews Valerie.
Andrew - looks like you need to submit new review with 7169496. Note
that you still need to file for approval once code review is complete :
http://openjdk.java.net/projects/jdk7u/groundrules.html
I'm just being cautious on this one given the possible beha
On 01/07/2015 09:02 PM, Jamil Nimeh wrote:
Sure. I did a little looking into this as well between email exchanges
and I think Mike has it right. According to
http://www.ietf.org/rfc.html the RFC Editor site is the authoritative
source. Kind of a bummer as I prefer the xml2rfc format. But if R
