Hi Alan, Goetz, >There are several issues with this proposal. The security concern is the main >one and I think we should wait for comment from security-dev. .....
>If this is required, I would choose a more generic tag >so it can be reused in other places. >I would just use "path". > >Best regards, > Goetz. Thanks for the comments . Sure, I can use path for the category naming as well, but would be good to hear the opinions of the security-dev guys on this . > The second concern is that the patch is incomplete and inconsistent in that > it changes the exception throw by two methods, >it ignores other file I/O methods that throw exceptions. We have these extended exceptions for quite some time in our JVM; we decided to enhance exceptions where we have a path already "at hand" , so it was easy to extend the exceptions . In case you think this can be done with some others , that's fine with me - do you have some concrete examples ? A lot of IO exceptions currently thrown that use JNU_ThrowIOExceptionWithLastError do not have a path (at least not where the exception is thrown). Best regards , Matthias From: Alan Bateman <alan.bate...@oracle.com> Sent: Freitag, 12. Oktober 2018 11:18 To: Baesken, Matthias <matthias.baes...@sap.com>; security-dev@openjdk.java.net; core-libs-...@openjdk.java.net Subject: Re: RFR: 8211752: JNU_ThrowIOExceptionWithLastErrorAndPath - enhance some IOExceptions with path causing the issue On 12/10/2018 09:12, Baesken, Matthias wrote: Ping ... any reviews / comments ? Should I add a category , for example "ioExceptionsWithPath" to the java.security - file to control the enabling/disabling of the enhanced exception ? java.security # # Enhanced exception message information ... #jdk.includeInExceptions=hostInfo,jar,ioExceptionsWithPath There are several issues with this proposal. The security concern is the main one and I think we should wait for comment from security-dev. The second concern is that the patch is incomplete and inconsistent in that it changes the exception throw by two methods, it ignores other file I/O methods that throw exceptions. Finally there is the concerns with the patch itself that both Roger and I commented on. -Alan