Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8218021

Have jarsigner preserve posix permission attributes

    Details

      Backports

        Description

        Submitter uses jarsigner to sign zip files. Below is the sample of final signing
        command which use for signing.

        jarsigner -J-Xmx1024m -keystore /path/to/java.keystore -keypass ***
        -storepass *** -tsa timeStampUrl -signedjar SignFileLocation()
        UploadFileLocation() alias

        UploadFileLocation() --- zip file to be signed, files inside zip(After extracting) has permissions rwxr-xr-x
        SignFileLocation() --- signed zip file, files inside zip(After extracting ) has permissions rw-r--r--

        jarsigner is changing the file permissions as per the above finding.

        This bug is affecting the release of patches and we could not find a
        straightforward solution. We can sign via openssl, but that creates
        additional files that make the installation of the patch incompatible with
        current machinery and it would not be backward compatible either.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  coffeys Sean Coffey
                  Reporter:
                  shadowbug Shadow Bug
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: