[icedtea-web] RFC: stop JNLPPolicy from granting duplicate permissions to a CodeSource

Omair Majid omajid at redhat.com
Fri Dec 17 14:52:20 PST 2010


The attached patch modifies JNLPPolicy so that it does grant permissions 
that the CodeSource already has.

As described in Java 2 Platform Security Second Edition section 5.6 (and 
can be seen in the implementation of ProtectionDomain and Policy 
classes), whenever permission checks are needed, static permissions  and 
then dynamic permissions are consulted.

Static permission to CodeSources are granted by the (subclasses of) 
SecureClassLoader, while dynamic permissions are granted by the current 

In IcedTea-Web, JNLPPolicy consults JNLPClassLoader to grant all the 
static permissions again (in addition to any dynamic ones). The result 
is that CodeSources are given the same permissions twice. This is 
unnecessary and should be fixed. The attached patch accomplishes that.

This is not a major problem but it does make stepping through the 
JNLPPolicy class a little annoying. It also gives the impression that to 
grant a CodeSource different permissions than those granted by the 
JNLPClassLoader, modifying the JNLPPolicy is enough, which may lead to 
subtle bugs later on.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: remove-duplicate-permissions-01.patch
Type: text/x-patch
Size: 1852 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20101217/97e4d683/remove-duplicate-permissions-01.patch 

More information about the distro-pkg-dev mailing list