harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stepan Mishura" <stepan.mish...@gmail.com>
Subject Re: [classlib][security] Compatibility issue for UnresolvedPermission.getUnresolvedCerts()
Date Tue, 09 Jan 2007 09:27:08 GMT
On 12/29/06, Tim Ellison wrote:
> I've been sat on HARMONY-734 for a while (for which I apologize) -- so
> bringing it here to see what the opinion is about following the spec vs.
> being compatible with the RI that doesn't follow the spec.
> Summary is, where there are no certificates the method:
>   java.security.UnresolvedPermission#getUnresolvedCerts()
> returns an array of nulls on the RI, but
> returns null on Harmony, as required by the spec.
> Question is, would apps be dealing with null as a return value, or will
> following the spec in this instance cause problems?

Hi Tim,

I think the issue should be marked as non-bug difference - the class is used
to hold unresolved permissions when security policy is initialized. The
unresolved permission are resolved later during access control checking.
This design doesn't imply that an app. deals directly with an array of
unresolved certificates. But if it does I can not image a reason for policy
implementation to initialize a permission object with an arrays of nulls. So
I don't see any potential problems for apps here and I'd follow the spec.

Stepan Mishura
Intel Enterprise Solutions Software Division

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message