8208691: Tighten up jdk.includeInExceptions security property

Add stronger warning on usage and add test to check that property is not set Reviewed-by: alanb, rriggs
2025-09-20 02:54:35 +02:00 · 2018-08-07 10:29:01 -04:00 · 2018-08-07 10:29:01 -04:00 · ac3d4a6722
commit ac3d4a6722
parent 0919d6d626
2 changed files with 28 additions and 7 deletions
--- a/src/java.base/share/conf/security/java.security
+++ b/src/java.base/share/conf/security/java.security
@ -1070,6 +1070,11 @@ jceks.key.serialFilter = java.base/java.lang.Enum;java.base/java.security.KeyRep
 # case-insensitive. Leading and trailing whitespaces, surrounding each value,
 # are ignored. Unknown values are ignored.
 #
+# NOTE: Use caution before setting this property. Setting this property
+# exposes sensitive information in Exceptions, which could, for example,
+# propagate to untrusted code or be emitted in stack traces that are
+# inadvertently disclosed and made accessible over a public network.
+#
 # The categories are:
 #
 #  hostInfo - IOExceptions thrown by java.net.Socket and the socket types in the