[rfc][icedtea-web] Permissions manifest attribute fix

Andrew Azores aazores at redhat.com
Mon Mar 31 17:28:12 UTC 2014


The spec for this attribute is at [0]. Any reviewer, please double check 
the spec to be sure I've correctly interpreted it, and not just 
implemented something else.

[1] and [2] can be used as test cases for this fix. The Permissions 
manifest attribute had a bug due to the inability to distinguish between 
a signed applet being granted All-permission because it specified it in 
the HTML params, and a signed applet being granted All-permission 
because it did not specify a permission level and All-permission is the 
default in this case. This bug led to signed applets being unable to 
properly request to be run sandboxed.

This patch fixes it so that the applets may be run; however, there is a 
deficiency in that we are not actually able to sandbox the applet. This 
is because we are doing our manifest checks after all of our resources 
have been loaded and assigned SecurityDescs. In order to run an applet 
sandboxed, the SecurityDelegate#setRunInSandbox call must be performed 
before any of these security descriptors are assigned. This is not 
currently possible. However, we do at least have the Run In Sandbox 
button which can be used before the manifest checks are performed, which 
will then allow the applet to be run sandboxed at the user's discretion.



Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: permissions-attr-check.patch
Type: text/x-patch
Size: 14472 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140331/fcc76fbf/permissions-attr-check-0001.patch>
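The distinction the mail describes, modelled as an added example that is not icedtea-web code and not part of the original message: the pre-fix check collapses the applet's requested level to a boolean, so a signed applet with no HTML permission parameter looks like an explicit all-permissions request and is blocked when its manifest says `sandbox`; the fixed check keeps the third, unspecified state. All names are hypothetical, and the mismatch rule (an explicit request that contradicts the manifest's Permissions attribute is blocked, an unspecified request adopts the manifest's value) is an assumption about the spec cited as [0].

```python
# Constructed model of the Permissions-attribute check for a signed applet.
# Hypothetical names; this is not icedtea-web code.
from enum import Enum
from typing import Optional


class Level(Enum):
    ALL_PERMISSIONS = "all-permissions"
    SANDBOX = "sandbox"


class Verdict(Enum):
    RUN_ALL_PERMISSIONS = "run with all permissions"
    RUN_SANDBOXED = "run sandboxed"
    BLOCK = "block: Permissions attribute does not match request"


def buggy_check(requested: Optional[Level], manifest: Optional[Level]) -> Verdict:
    """Pre-fix behaviour: the request is reduced to a boolean, so 'unspecified'
    (default all-permissions for signed code) is indistinguishable from an
    explicit all-permissions request."""
    wants_all = requested != Level.SANDBOX
    effective = Level.ALL_PERMISSIONS if wants_all else Level.SANDBOX
    if manifest is not None and manifest != effective:
        # A manifest saying 'sandbox' is wrongly blocked even though the
        # applet never asked for all-permissions in its HTML params.
        return Verdict.BLOCK
    return Verdict.RUN_ALL_PERMISSIONS if wants_all else Verdict.RUN_SANDBOXED


def fixed_check(requested: Optional[Level], manifest: Optional[Level]) -> Verdict:
    """Post-fix behaviour: three states are kept apart. An unspecified request
    adopts the manifest's attribute; only an explicit, contradicting request
    is blocked (assumed mismatch rule, see lead-in)."""
    if requested is None:
        effective = manifest if manifest is not None else Level.ALL_PERMISSIONS
    elif manifest is not None and manifest != requested:
        return Verdict.BLOCK
    else:
        effective = requested
    if effective == Level.ALL_PERMISSIONS:
        return Verdict.RUN_ALL_PERMISSIONS
    return Verdict.RUN_SANDBOXED
```

`RUN_SANDBOXED` is only the decision; as the mail explains, icedtea-web reaches this check after the SecurityDescs are already assigned, so the verdict cannot yet be enforced.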
