On 21/12/2018 13:43, Langer, Christoph wrote:
> Hi Alan,
>
>> Adding support for POSIX file permissions to the zip APIs is problematic
>> as we've been discussing here. There are security concerns and also
>> concerns about how it interacts with JAR files and signed JARs in
>> particular. I don't disagree that we can come to agreement on zipfs
>> supporting a solution but I think we need to get the bigger picture on
>> where this is going first. If the piece to change the java.util.zip APIs
>> is dropped then it would make these discussions a lot simpler as it
>> removes most of the security issues from the table.
>
> Yes, please consider changes to java.util.zip APIs as dropped. At least for the
> moment. I'm not saying I won't ever get back to that topic but maybe an
> enhancement of jdk.zipfs is already sufficient to provide the required POSIX
> permission support for the Java platform.

I've looked at the updated CSR. It would be good to include the spec
changes, meaning the javadoc update to jdk.zipfs/module-info.java where
it will document that it supports PosixFileAttributeView. I suspect
there is also a discussion point around owner/group as I can't tell from
the CSR if the UNIX extra fields are being used to encode the uid/gid
(the original spec did not envisage supporting PosixFileAttributeView
without also supporting file ownership).
-Alan