[icedtea-web] RFC: stop JNLPPolicy from granting duplicate permissions to a CodeSource
Omair Majid
omajid at redhat.com
Fri Dec 17 14:52:20 PST 2010
Hi,

The attached patch modifies JNLPPolicy so that it does grant permissions
that the CodeSource already has.

As described in Java 2 Platform Security Second Edition section 5.6 (and
can be seen in the implementation of ProtectionDomain and Policy
classes), whenever permission checks are needed, static permissions and
then dynamic permissions are consulted.

Static permissions to CodeSources are granted by the (subclasses of)
SecureClassLoader, while dynamic permissions are granted by the current
Policy.

In IcedTea-Web, JNLPPolicy consults JNLPClassLoader to grant all the
static permissions again (in addition to any dynamic ones). The result
is that CodeSources are given the same permissions twice. This is
unnecessary and should be fixed. The attached patch accomplishes that.

This is not a major problem but it does make stepping through the
JNLPPolicy class a little annoying. It also gives the impression that to
grant a CodeSource different permissions than those granted by the
JNLPClassLoader, modifying the JNLPPolicy is enough, which may lead to
subtle bugs later on.

Cheers,
Omair
-------------- next part --------------
A non-text attachment was scrubbed...
Name: remove-duplicate-permissions-01.patch
Type: text/x-patch
Size: 1852 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20101217/97e4d683/remove-duplicate-permissions-01.patch
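
Added example, not part of the original message or of the IcedTea-Web code: a simplified Java model of the two-step check described above. It shows that a policy which repeats the static grant does not change the outcome, and that leaving a permission out of the policy alone does not revoke it while the static grant still covers it. The class name, the `policy`, `allowed` and `grantedTwice` helpers, the sample permissions and the code source URL are constructed for illustration; it assumes a JDK that still provides `java.security.Policy`.

```java
import java.io.FilePermission;
import java.net.URI;
import java.security.*;
import java.security.cert.Certificate;
import java.util.*;

public class DuplicateGrantDemo {
    // Constructed sample values (Unix-style path), not IcedTea-Web's real grants.
    static final Permission CACHE_READ = new FilePermission("/tmp/app-cache/-", "read");
    static final Permission USER_NAME = new PropertyPermission("user.name", "read");

    // Stand-in for the static grant a SecureClassLoader subclass assigns.
    static PermissionCollection staticGrant() {
        Permissions p = new Permissions();
        p.add(CACHE_READ);
        return p;
    }

    // Hypothetical policy; repeatStatic=true models the behaviour the message describes.
    static Policy policy(final boolean repeatStatic) {
        return new Policy() {
            @Override public PermissionCollection getPermissions(CodeSource cs) {
                Permissions p = new Permissions();
                if (repeatStatic) p.add(CACHE_READ);
                p.add(USER_NAME);
                return p;
            }
        };
    }

    // Simplified model of the check order in the message: static first, then the policy.
    static boolean allowed(PermissionCollection st, Policy pol, CodeSource cs, Permission want) {
        return st.implies(want) || pol.getPermissions(cs).implies(want);
    }

    // Permissions present in both the static grant and the policy's answer.
    static List<Permission> grantedTwice(PermissionCollection st, Policy pol, CodeSource cs) {
        List<Permission> dynamic = Collections.list(pol.getPermissions(cs).elements());
        List<Permission> twice = new ArrayList<>(Collections.list(st.elements()));
        twice.retainAll(dynamic);
        return twice;
    }

    public static void main(String[] args) throws Exception {
        CodeSource cs = new CodeSource(URI.create("http://example.invalid/app.jar").toURL(), (Certificate[]) null);
        Permission want = new FilePermission("/tmp/app-cache/data.bin", "read");
        for (boolean repeat : new boolean[] {true, false}) {
            System.out.println("policy repeats static grant: " + repeat
                + ", granted twice: " + grantedTwice(staticGrant(), policy(repeat), cs)
                + ", cache read allowed: " + allowed(staticGrant(), policy(repeat), cs, want));
        }
    }
}
```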