Re: [cp-patches] Patch: remove bogus ServerSocket security check

classpath-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cp-patches] Patch: remove bogus ServerSocket security check

From:	Mark Wielaard
Subject:	Re: [cp-patches] Patch: remove bogus ServerSocket security check
Date:	Sat, 31 Dec 2005 12:42:50 +0100

Hi Anthony,

On Mon, 2005-12-26 at 19:05 -0800, Anthony Green wrote:
> This patch removes a bogus security check from ServerSocket.accept(),
> and replaces it with a request to implement a proper check.  Once
> applied I will file a bug report for our records.
>
> 2005-12-26  Anthony Green  <address@hidden>
> 
>       * java/net/ServerSocket.java (accept): Remove bogus
>       security check.

It is clear the current check is wrong since we check on the SocketImpl
of the ServerSocket and not the Socket that accept would return. But
wouldn't the correct security check just be to move this check just
after implAccept(socket) and then do the exact same check on the just
created socket?

Gary, do we have Mauve tests for this case already?

Cheers,

Mark

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

[cp-patches] Patch: remove bogus ServerSocket security check, Anthony Green, 2005/12/26
- Re: [cp-patches] Patch: remove bogus ServerSocket security check, Tom Tromey, 2005/12/27
- Re: [cp-patches] Patch: remove bogus ServerSocket security check, Mark Wielaard <=

Prev by Date: [cp-patches] DOM conformance fixes
Next by Date: Re: [cp-patches] FYi: Implement (naive) Bidi.requiresBidi() workaround
Previous by thread: Re: [cp-patches] Patch: remove bogus ServerSocket security check
Next by thread: [cp-patches] Patch: FYI: added missing import
Index(es):
- Date
- Thread