Bug 855977
Summary: | /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.6.x86_64/lib/sa-jdi.jar is only readable by root | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Omair Majid <omajid> |
Component: | java-1.7.0-openjdk | Assignee: | jiri vanek <jvanek> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 17 | CC: | ahughes, dbhole, jvanek, omajid, ptisnovs |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-10-19 17:20:26 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Omair Majid
2012-09-10 20:08:55 UTC
Thanx for reporting! I can fix this in rpm, by hardcode permissions, but imho this should be fixed in upstream (as also direct icedtea7-forest build is affected) and as it is regression (u3 have correct permissions, u5 have not, u4 was never packed, both architectures affected). Only sun.com packages are inside this jar, so they are not covered by usual tests. Can this be connected to recent tmp-permissions fix, which caused similar permissions for gnome-bridge? (but IMHO is not, because release with this fix was u3, which is not affected, but maybe later was build of this jar moved to tmp and so affected later) (In reply to comment #1) > Only sun.com packages are inside this jar, so they are not covered by usual > tests. Would it make sense to add tests that ensure binaries (like 'java', 'javac', and 'jstack') are working to the usual tests? Yes, I think it makes sense to add this check to our test toolset (together with debuginfo test etc.) This is fixed by: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7175845 which is in 2.3.x and has now been backported to 1.10.x, 1.11.x, 2.1.x and 2.2.x with this release: http://blog.fuseyism.com/index.php/2012/10/19/security-icedtea-1-10-10-1-11-15-2-1-3-2-2-3-2-3-3-released/ So builds done with the patched JDK will have an sa-jdi.jar with the correct permissions. You can also achieve this by doing a full bootstrap. Permissions are fixed with java-1.7.0-openjdk-1.7.0.9-2.3.3.fc17 |