<div dir="ltr"><div><div><div><div><div>Hi<br><br>I dont know if the same rules apply to Java Applets.<br></div>In our case we use a crypto applet to sign documents using user certificates.<br><br></div>Said so, i think providing user "less options" is sometimes better/easier for them. A "yes/no" dialog is much simpler than a multiple selection option.<br>
</div>Anyhow, I understand your concerns, and considering Google is "switching off" Java (Chrome is a big part of browsers market share), i suggest you "moving out" from Java Applets/JNLP. ;)<br><br></div>
Considering unsigned apps are run on a sandbox (without risks for the user), and signed are "dangerous", probably showing the user the application required permissions (by the permissions attribute on the manifest) will be ok, but we (as many pthers) will just put "all-permissions", so at the end, it will be the same.<br>
<br></div>BTW: Do end-users really read? xD<br><br><br><div><div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Dec 2, 2013 at 10:04 PM, Andy Lutomirski <span dir="ltr"><<a href="mailto:luto@amacapital.net" target="_blank">luto@amacapital.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>On Sun, Dec 1, 2013 at 11:39 PM, Jiri Vanek <<a href="mailto:jvanek@redhat.com" target="_blank">jvanek@redhat.com</a>> wrote:<br>
> On 12/01/2013 02:24 AM, Fernando Cassia wrote:<br>
><br>
>><br>
>> On Fri, Oct 18, 2013 at 3:14 PM, Andy Lutomirski <<a href="mailto:luto@amacapital.net" target="_blank">luto@amacapital.net</a><br>
>> <mailto:<a href="mailto:luto@amacapital.net" target="_blank">luto@amacapital.net</a>>> wrote:<br>
>><br>
>> Â Â Even if the app is signed, there should still be a way to run it in<br>
>> Â Â the sandbox. Â I've yet to encounter a JNLP app in the wild that has<br>
>> Â Â any legitimate reason to do anything other than access the internet,<br>
>> Â Â create some temporary files, and occasionally use the file picker.<br>
>> Â Â Let me run it in the sandbox, please.<br>
>><br>
>><br>
><br>
> This is intresting idea, to have "Aplication is signed, trust/dont trust"<br>
> dialog extedned to  "Aplication is signed, trust/dont trust/run in sandbox"<br>
><br>
> I'm not sure how hardor even safe will be to implement it, but there can be<br>
> anther solution. Â Andrew Azores is working on policy.tool, which should do<br>
> exactly waht you wont.<br>
> Although application X is requesting permissions A B C, you specifi in<br>
> policy file  that it can use only eg B. So when app. X will request A and C<br>
> it will get permission denied.<br>
> Is it what you wont?<br>
> Maybe when this will be safely in and tested, we can add the "run in<br>
> sandbox" button, which will just create tmo policy for application.<br>
<br>
</div>That would be great.<br>
<div><br>
><br>
> However this development is tricky work, and althogh we are trying  to get<br>
> it into next (1.5) release, we are not sure if we will make it.<br>
><br>
<br>
</div>In the mean time, I'd still consider a change to the text in the UI to<br>
be a considerable improvement.<br>
<span><font color="#888888"><br>
--Andy<br>
</font></span></blockquote></div><br></div></div></div></div>