Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8207846

Generalize the jdk.net.includeInExceptions security property

    XMLWordPrintable

Details

    • b05
    • Verified

    Backports

      Description

        JDK-8204233 added a new security property, `jdk.net.includeInExceptions`, to include additional, potentially security sensitive, information in exception detail messages in the networking area. The property accepts a comma separated list of values that specifies the particular type of extra detail information to add.

        Since its addition, in JDK 11, further uses have arisen to include additional, potentially security sensitive, information in exception detail messages in other areas, namely the java.util.jar APIs. See JDK-8205525, and http://mail.openjdk.java.net/pipermail/core-libs-dev/2018-July/054284.html

        Given that this mechanism will likely be used more generally across different parts of the platform, it seem prudent to rename the property to be less area-specific, thus allowing for additional argument values to be specified, like for example `jarPath`.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8208177 Generalize the jdk.net.includeInExceptions security property

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8208438 Generalize the jdk.net.includeInExceptions security property

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8209263 Generalize the jdk.net.includeInExceptions security property

            • P3 - Major loss of function.
            • Resolved
            blocks

            Enhancement - null JDK-8205525 Improve exception messages during manifest parsing of jar archives

            • P3 - Major loss of function.
            • Resolved
            csr for

            CSR - null JDK-8207961 Generalize the jdk.net.includeInExceptions security property

            • P3 - Major loss of function.
            • Closed
            relates to

            Bug - A problem which impairs or prevents the functions of the product. JDK-8208691 Tighten up jdk.includeInExceptions security property

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. JDK-8204233 Add configurable option for enhanced socket IOException messages

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Closed

            Activity

              People

                chegar Chris Hegarty
                chegar Chris Hegarty
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: