[icedtea-web] RFC: RH738814 - Access denied at ssl handshake
omajid at redhat.com
Mon Sep 19 14:51:42 PDT 2011
The attached patch should address RH738814 
The stack trace of the exception shows that code in
VariableX509TrustManager tries do show a prompt which needs all
permissions. Since the method call was originally from an untrusted
applet, these permissions are missing and a security exception is thrown.
Something along this line was anticipated earlier , but my fix may
have been too broad. So now that we have a stack trace, I have a more
focused patch. Any thoughts or comments?
The patch is for HEAD, but applies to 1.1 as well. It should also apply
to 1.0 after trivial changes - though I am not sure if that's something
we should do.
2011-09-19 Omair Majid <omajid at redhat.com>
(showCertWarningDialog): Add a javadoc comment.
(askUser): Wrap the call to showCertWarningDialog in a doPrivileged
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2949 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20110919/7248f567/icedtea-web-ask-user-privileged-01.patch
More information about the distro-pkg-dev