[icedtea-web] RFC: check prompting user with full permissions

Fri Dec 17 07:58:31 PST 2010

* Omair Majid <omajid at redhat.com> [2010-12-17 10:32]:
> Hi,
> 
> The attached patch fixes a bug in IcedTea-Web and ensures that when
> netx checks whether the user should be prompted, it is done with
> full permissions.
> 
> This is necessary because JNLPSecurityManager can ask the user to
> grant an untrusted application socket permissions. Without this fix,
> the caller is not allowed to prompt the user and the security
> exception thrown essentially denies this permission. There maybe
> other code paths for which this can happen too.
> 
> These particular configuration values does not seem very sensitive
> to me. I dont see any issues if untrusted applications could read
> them. Still, both the methods patched are private so they can only
> be called from within the class. I don't see any problems with this
> doPrivileged block.
> 
> Thoughts?
> 

Looks okay to me. Okay for HEAD.

Deepak

> Cheers,
> Omair

> diff -r 9397074c2c39 netx/net/sourceforge/jnlp/security/SecurityWarning.java
> --- a/netx/net/sourceforge/jnlp/security/SecurityWarning.java	Wed Dec 15 10:17:51 2010 -0500
> +++ b/netx/net/sourceforge/jnlp/security/SecurityWarning.java	Fri Dec 17 10:12:58 2010 -0500
> @@ -319,8 +319,13 @@
>       * @return true if security warnings should be shown to the user.
>       */
>      private static boolean shouldPromptUser() {
> -        return Boolean.valueOf(JNLPRuntime.getConfiguration()
> -                .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER));
> +        return AccessController.doPrivileged(new PrivilegedAction<Boolean >() {
> +            @Override
> +            public Boolean run() {
> +                return Boolean.valueOf(JNLPRuntime.getConfiguration()
> +                        .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER));
> +            }
> +        });
>      }
>  
>  }
> diff -r 9397074c2c39 netx/net/sourceforge/jnlp/services/ServiceUtil.java
> --- a/netx/net/sourceforge/jnlp/services/ServiceUtil.java	Wed Dec 15 10:17:51 2010 -0500
> +++ b/netx/net/sourceforge/jnlp/services/ServiceUtil.java	Fri Dec 17 10:12:58 2010 -0500
> @@ -299,8 +299,13 @@
>       * @return true if the user should be prompted for JNLP API related permissions.
>       */
>      private static boolean shouldPromptUser() {
> -        return Boolean.valueOf(JNLPRuntime.getConfiguration()
> -                .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER_FOR_JNLP));
> +        return AccessController.doPrivileged(new PrivilegedAction<Boolean >() {
> +            @Override
> +            public Boolean run() {
> +                return Boolean.valueOf(JNLPRuntime.getConfiguration()
> +                        .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER_FOR_JNLP));
> +            }
> +        });
>      }
>  
>  }