harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexey Varlamov" <alexey.v.varla...@gmail.com>
Subject Re: [classlib][security] Compatibility issue for UnresolvedPermission.getUnresolvedCerts()
Date Tue, 09 Jan 2007 11:01:28 GMT
2007/1/9, Stepan Mishura <stepan.mishura@gmail.com>:
> On 12/29/06, Tim Ellison wrote:
> >
> > I've been sat on HARMONY-734 for a while (for which I apologize) -- so
> > bringing it here to see what the opinion is about following the spec vs.
> > being compatible with the RI that doesn't follow the spec.
> >
> > Summary is, where there are no certificates the method:
> >   java.security.UnresolvedPermission#getUnresolvedCerts()
> >
> > returns an array of nulls on the RI, but
> > returns null on Harmony, as required by the spec.
> >
> > Question is, would apps be dealing with null as a return value, or will
> > following the spec in this instance cause problems?
>
>
> Hi Tim,
>
> I think the issue should be marked as non-bug difference - the class is used
> to hold unresolved permissions when security policy is initialized. The
> unresolved permission are resolved later during access control checking.
> This design doesn't imply that an app. deals directly with an array of
> unresolved certificates. But if it does I can not image a reason for policy
> implementation to initialize a permission object with an arrays of nulls. So
> I don't see any potential problems for apps here and I'd follow the spec.

+1

>
> Thanks,
> Stepan Mishura
> Intel Enterprise Solutions Software Division
>
>

Mime
View raw message