[rfc][icedtea-web] SecurityDelegate addPermission and reference for CertWarningPane
jvanek at redhat.com
Thu Mar 20 18:45:31 UTC 2014
On 03/13/2014 09:43 PM, Andrew Azores wrote:
> The smaller of these two patches simply exposes JNLPClassLoader#addPermission(Permission) through three new SecurityDelegate methods: #addPermission(Permission), #addPermissions(PermissionCollection), and #addPermissions(Collection<Permission>). The larger patch passes a SecurityDelegate reference through the security dialog system so that the delegate is available to CertWarningPane. This is in preparation for a patch that will add "this run only" temporary permission options to the CertWarningPane, achieved by "injecting" these permissions directly into the classloader via the delegate. These extra options are not included because they are blocked on "Launching PolicyEditor from CertWarningPane", but this
> infrastructure work doesn't depend on that patch.
> These two patches apply cleanly together, but certwarning-securitydelegate will have a small and easily resolvable conflict with policyeditor-in-dialog-4 if they are used together.
> * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (SecurityDelegate addPermission, addPermissions) new methods. (SecurityDelegateImpl addPermission, addPermissions) implement previous.
> * netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java: (checkTrustWithUser) pass SecurityDelegate reference to SecurityDialogs.showCertWarningDialog
> * netx/net/sourceforge/jnlp/security/PluginAppVerifier.java: same
> * netx/net/sourceforge/jnlp/security/SecurityDialog.java: pass SecurityDelegate reference from extras into CertWarningPane constructor
> * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (showCertWarningDialog) added SecurityDelegate parameter, add to extras array.
> * netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java: (askUser) pass null for SecurityDelegate reference
> * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: (CertWarningPane) added SecurityDelegate constructor parameter and (securityDelegate) field
Yup. I would say ok to go.
More information about the distro-pkg-dev