On Fri, 30 May 2025 13:32:08 GMT, Sean Mullan <mul...@openjdk.org> wrote:

>> Michael McMahon has updated the pull request incrementally with one 
>> additional commit since the last revision:
>> 
>>   Fixed problem with j.n.HostPortRange
>
> src/java.base/share/conf/security/java.security line 1282:
> 
>> 1280: # Exception messages may include potentially sensitive information such as file
>> 1281: # names, host names, or port numbers. By default, socket related exceptions
>> 1282: # have this information restricted (meaning the sensitive details are removed).
> 
> I found the "By default ..." sentence a little confusing, since other 
> categories are also restricted by default. My initial thought is to just 
> remove this sentence, as reading further will make it more clear that the 
> hostInfoExclSocket category is the only one that is not restricted by 
> default. Alternatively, you could flip the meaning of this sentence and say 
> which exceptions are **not** restricted by default.

Fair point. I think we can make this clearer with a small addition. I propose 
to add the following sentence after the one starting "By default ..."

# Exception messages relating to Jar files and exceptions containing user
# identity information are also restricted by default.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2116074735
