[RFC]: Patch for bug #498108

Lillian Angel langel at redhat.com
Wed May 13 07:11:48 PDT 2009 

Andrew Haley wrote:
> Lillian Angel wrote:
>
>   
>> Attached is a patch to fix
>> https://bugzilla.redhat.com/show_bug.cgi?id=498108.
>>
>> We need to remove the setPolicy restriction for trusted webstart
>> applications, since each run in their own vm instance. Though the same
>> code is used for plugins, and this restriction should still be upheld. I
>> have added a parameter to JNLPRuntime.initialize to determine if a
>> webstart application or a plugin applet are being initialized.
>>     
>
> Two minor style nits:
>
>   
>> diff -r a5006e51afe4 plugin/icedtea/sun/applet/PluginAppletSecurityContext.java
>> --- a/plugin/icedtea/sun/applet/PluginAppletSecurityContext.java	Tue May 05 14:42:36 2009 -0400
>> +++ b/plugin/icedtea/sun/applet/PluginAppletSecurityContext.java	Wed May 06 13:39:27 2009 -0400
>> @@ -248,7 +248,7 @@
>>  		// an applet will be loaded at some point, we should make it the SM
>>  		// that JNLPRuntime will try to install
>>  		if (System.getSecurityManager() == null) {
>> -			JNLPRuntime.initialize();
>> +			JNLPRuntime.initialize(false);
>>
>>     
>
> is much easier to read as something like:
>
> 		JNLPRuntime.initialize(/* isApplication */ false);
>
>   
>> diff -r a5006e51afe4 rt/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java
>> --- a/rt/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java	Tue May 05 14:42:36 2009 -0400
>> +++ b/rt/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java	Wed May 06 13:39:27 2009 -0400
>> @@ -255,13 +255,14 @@
>>       */
>>      public void checkPermission(Permission perm) {
>>          String name = perm.getName();
>> -
>> +
>>          // Enable this manually -- it'll produce too much output for -verbose
>>          // otherwise.
>>  //		if (true)
>>  //			System.out.println("Checking permission: " + perm.toString());
>> -        if ("setPolicy".equals(name) ||
>> -            "setSecurityManager".equals(name))
>> +
>> +        if (!JNLPRuntime.isWebstartApplication() && ("setPolicy".equals(name) ||
>> +            "setSecurityManager".equals(name)))
>>              throw new SecurityException(R("RCantReplaceSM"));
>>     
>
> would be better as
>
> 	 if (!JNLPRuntime.isWebstartApplication() &&
> 	     ("setPolicy".equals(name) || "setSecurityManager".equals(name)))
>             throw new SecurityException(R("RCantReplaceSM"));
>
> I misunderstood this the first couple of times I read it.

Both fixed.


Thanks!
Lillian

More information about the distro-pkg-dev mailing list