[rfc][icedtea-web][policyeditor] Reflection and Exec permissions

Andrew Azores aazores at redhat.com
Wed Mar 26 14:03:50 UTC 2014

On 03/26/2014 05:06 AM, Jiri Vanek wrote:
> On 03/25/2014 08:34 PM, Andrew Azores wrote:
>> On 03/25/2014 02:57 PM, Jiri Vanek wrote:
>>> On 03/25/2014 02:39 PM, Andrew Azores wrote:
>>>> On 03/25/2014 05:30 AM, Jiri Vanek wrote:
>>>>> On 03/24/2014 09:05 PM, Andrew Azores wrote:
>>>>>> Hi,
>>>>>> This patch just adds Reflection and Exec permission options to 
>>>>>> PolicyEditor.
>>>>>> Thanks,
>>>>> Looks good. Just not sure if it is enough:
>>>>> eg:
>>>>> java.lang.NullPointerException
>>>>> at geogebra.i.x.a(Unknown Source)
>>>>> at geogebra.gui.a.a.a(Unknown Source)
>>>>> at geogebra.gui.a.a.a(Unknown Source)
>>>>> at geogebra.GeoGebra.a(Unknown Source)
>>>>> at geogebra.GeoGebra.a(Unknown Source)
>>>>> at geogebra.GeoGebra.main(Unknown Source)
>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>>> at 
>>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>>>>> at 
>>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>>>> at java.lang.reflect.Method.invoke(Method.java:616)
>>>>> at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571)
>>>>> at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911)
>>>>> I think he class for name is not allowed by your permission.
>>>> Aha! Thanks for catching this. [0] suggests there's only one 
>>>> permission needed for reflection,
>>>> but [1] proves otherwise (and makes sense).
>>> Hmm still the same exception. It is geogebra which is causing this.
>> Do you have exact reproduction steps?
> yes, lunch geogebra from our testcases and sue any sandbox combination 
> :) - or try to tune it to run:)

Ah I see, it's failing as soon as it starts basically. Maybe I should 
have tried before asking for detailed steps ;)

Why do you think it's being denied on a classForName call though? Not 
saying it isn't, but I don't see what indicates that in particular? 
According to the docs for Class.forName, the permission required is a 
RuntimePermission with "getClassLoader" target and no actions, and 
that's what the Get ClassLoader permission in PolicyEditor is granting. 
I mean, the NPE is happening somewhere after some GUI package stuff is 
going on apparently, so how do we know it isn't a missing AWT permission 
instead? Maybe there should be a catch-all AWT permission available as 
well, actually, even if that isn't the problem here.


Andrew A

More information about the distro-pkg-dev mailing list