Review request for 7034570
Alan.Bateman at oracle.com
Wed Apr 13 13:54:53 UTC 2011
Michael McMahon wrote:
>> In toEnvironmentBlock does the getenv("SystemRoot") need to be done
>> in a privileged block (I'm just thinking of the case where you have
>> permissions to exec the process but not read the variable). Also do
>> you need to handle the case that it is null?
> The permission check happens at a higher level. We're dealing directly
> with the data at this level.
> So, we don't need a privileged block.
Do you mind checking it? I'm pretty sure there will be caller frames on
the stack that aren't in the null protection domain and so getenv will
fail with a security exception if there isn't permission to read it.
More information about the core-libs-dev