[icedtea-web] RFC: RH738814 - Access denied at ssl handshake
dbhole at redhat.com
Thu Sep 22 13:57:09 PDT 2011
* Omair Majid <omajid at redhat.com> [2011-09-19 17:53]:
> The attached patch should address RH738814 
> The stack trace of the exception shows that code in
> VariableX509TrustManager tries do show a prompt which needs all
> permissions. Since the method call was originally from an untrusted
> applet, these permissions are missing and a security exception is
> Something along this line was anticipated earlier , but my fix
> may have been too broad. So now that we have a stack trace, I have a
> more focused patch. Any thoughts or comments?
> The patch is for HEAD, but applies to 1.1 as well. It should also
> apply to 1.0 after trivial changes - though I am not sure if that's
> something we should do.
Agreed. I am not sure how worthwhile it is to fix this in 1.0 either.
Approved for 1.1 and HEAD.
More information about the distro-pkg-dev