Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8081626

option to disable cache re-validation for JAR files

XMLWordPrintable

    • Icon: Enhancement Enhancement
    • Resolution: Won't Fix
    • Icon: P3 P3
    • None
    • 7u71, 7u80, 8u45
    • deploy
    • None
    • generic
    • generic


      There was a performance regression was introduced in 7u72 by JDK-8052111.
      Before security fix we check jar signature only once and then run jars from cache without this check.
      So it means that someone can replace jar in deployment cache with a patched version and run this jar as trusted jar.
      Now we always re-check jars even if jar is located in deployment cache and was checked before.
      The regression (after 7u72) appears due to this security fix which updates it's internal index files on each jar check.

      A fix for the performance regression is under
      JDK-8079223 unnecessary performance degradation caused by fix to JDK-8052111

      Apart from the above fix, customer is requesting a switch to disable the cache recheck,
      as the enterprise should be able to make that decision based on their environment and requirements.

            herrick Andy Herrick (Inactive)
            lkchow Lawrence Chow
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: