Request for review: 8016046 (process) Strict validation of input should be security manager case only [win]

Alan Bateman Alan.Bateman at
Fri Jun 7 16:02:07 UTC 2013

On 07/06/2013 10:02, Alexey Utkin wrote:
> Hi,
> Please review the fix.
> Bug description:
> The suggested fix:
> Summary:
>     In absence of the Security Manager the verification procedure for 
> the command-line was restored as before the JDK-8012453 fix. That 
> suggests the ability of inline input/output redirection, piping, 
> simultaneous launching of several programs by single command, lost 
> spaces and etc.
> The extended verification procedure is activated in presence of the 
> Security Manager or installing to "false" the 
> "jdk.lang.Process.allowAmbiguousCommands" Java property.
Given 15 years of sloppy usage of Runtime.exec on Windows then it was 
always going to be difficult to switch to tighter checking by default. 
So I think the solution is right and keeps existing code working. I also 
agree that it's useful to have a property to opt-in to get property 
checking of the input.

So the changes looks good to me. A minor comment on the test but in 
checkOut then it could use Files.notExists. It would be useful to expand 
the @bug to include the new bug ID too.


More information about the core-libs-dev mailing list