Request for review: 8016046 (process) Strict validation of input should be security manager case only [win]

Alexey Utkin alexey.utkin at
Mon Jun 10 08:15:03 UTC 2013

Here is the changed version:

On 6/7/2013 8:02 PM, Alan Bateman wrote:
> On 07/06/2013 10:02, Alexey Utkin wrote:
>> Hi,
>> Please review the fix.
>> Bug description:
>> The suggested fix:
>> Summary:
>>     In absence of the Security Manager the verification procedure for 
>> the command-line was restored as before the JDK-8012453 fix. That 
>> suggests the ability of inline input/output redirection, piping, 
>> simultaneous launching of several programs by single command, lost 
>> spaces and etc.
>> The extended verification procedure is activated in presence of the 
>> Security Manager or installing to "false" the 
>> "jdk.lang.Process.allowAmbiguousCommands" Java property.
> Given 15 years of sloppy usage of Runtime.exec on Windows then it was 
> always going to be difficult to switch to tighter checking by default. 
> So I think the solution is right and keeps existing code working. I 
> also agree that it's useful to have a property to opt-in to get 
> property checking of the input.
> So the changes looks good to me. A minor comment on the test but in 
> checkOut then it could use Files.notExists. It would be useful to 
> expand the @bug to include the new bug ID too.


More information about the core-libs-dev mailing list