[icedtea-web] RFC: check prompting user with full permissions
omajid at redhat.com
Fri Dec 17 07:29:45 PST 2010
The attached patch fixes a bug in IcedTea-Web and ensures that when netx
checks whether the user should be prompted, it is done with full
This is necessary because JNLPSecurityManager can ask the user to grant
an untrusted application socket permissions. Without this fix, the
caller is not allowed to prompt the user and the security exception
thrown essentially denies this permission. There maybe other code paths
for which this can happen too.
These particular configuration values does not seem very sensitive to
me. I dont see any issues if untrusted applications could read them.
Still, both the methods patched are private so they can only be called
from within the class. I don't see any problems with this doPrivileged
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1819 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20101217/6addea01/check-prompting-with-full-permissions.patch
More information about the distro-pkg-dev