Not using signers in JNLPPolicy.getPermissions()
Omair Majid
omajid at redhat.com
Fri Dec 17 15:07:53 PST 2010
Hi,
I noticed this line in JNLPPolicy.getPermissions(CodeSource source):
CodeSource appletCS = new
CodeSource(JNLPRuntime.getApplication().getJNLPFile().getSourceLocation(),
(java.security.cert.Certificate[]) null);
I understand that we need a URL to the actual source of the code
(instead of a url to the on-disk cache), but why use null as the
certificate array? Is there a reason we are not using the actual signers
associated with the CodeSource?
Thanks,
Omair
More information about the distro-pkg-dev
mailing list