Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8247499

Have jarsigner preserve posix permission attributes

    Details

    • Subcomponent:
    • Compatibility Kind:
      behavioral
    • Compatibility Risk:
      minimal
    • Compatibility Risk Description:
      Signing files with such POSIX permission attributes is not a major use case of jarsigner. Preserving such attributes should cause no surprises.
    • Interface Kind:
      Other
    • Scope:
      Implementation

      Description

      Summary

      Have the jarsigner tool retain POSIX permission attributes already in place during signing operations.

      Problem

      Following on from work already done via https://bugs.openjdk.java.net/browse/JDK-8213082:

      POSIX file systems define a certain set of permission attributes for files (e.g. read, write, execute for user, group or all). Being able to store POSIX permission information in Zip files is an important requirement that users of Zip files are in need of on POSIX systems.

      Although there is no explicit definition in the Zip specification about the canonical way to store these attributes, there exists a common sense amongst implementors of Zip tooling serving as a de-facto standard, leveraging Zip's CEN header fields version made by and external file attributes. Support for POSIX Permissions is based on the work in info-zip implementation which is available as open source: http://infozip.sourceforge.net/

      When jarsigner is used to sign a jar/zip file, a new zip is cloned and replaces the original file once signed. Until this enhancement, jarsigner ignores such POSIX permission file attributes stored in the file being signed and resets them to '0' in the newly signed file. Files created from the jar tool don't store POSIX permission attribute values. The issue mainly affects files created by the zip tool implementation. The info-zip project provides a zipinfo command and the JDK Zip FS has support for displaying such attributes (e.g. java jdk.nio.zipfs.ZipInfo foo.zip).

      Solution

      Make jarsigner POSIX permission attributes aware. If such attributes are present in a file being signed, preserve them.

      A new warning will also be emitted from the jarsigner tool when signing and verifying signed files that contain POSIX permission attributes. The warning will indicate that such attribute values are not used during the file verification process. The warning printed will be: "POSIX permission attributes detected. Note that these attributes are unsigned and not protected by the signature."

      Specification

      A JDK implementation specific behavioural change to have jarsigner preserve POSIX file permissions, when present. POSIX permission attributes stored with any entry in the original jar/zip resource will be saved in the newly signed jar/zip file.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                coffeys Sean Coffey
                Reporter:
                shadowbug Shadow Bug
                Reviewed By:
                Alan Bateman, Lance Andersen, Weijun Wang
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: