JDK-8248263 : Release Note: jarsigner Preserves POSIX File Permission and symlink Attributes
- Type: Sub-task
- Component: security-libs
- Sub-Component: java.security
- Affected Version: 11.0.10-oracle,16
- Priority: P4
- Status: Closed
- Resolution: Delivered
- Submitted: 2020-06-24
- Updated: 2021-12-02
- Resolved: 2021-12-02
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 11 | JDK 16 |
|---|---|
| 11.0.10-oracleResolved | 16Resolved  |
Description
When signing a file that contains POSIX file permission or symlink attributes, `jarsigner` now preserves these attributes in the newly signed file but warns that these attributes are unsigned and not protected by the signature. The same warning is printed during the `jarsigner -verify` operation for such files. Note that the `jar` tool does not read/write these attributes. This change is more visible to tools like `unzip` where these attributes are preserved.