/hg/icedtea-web: CVE-2010-3860 IcedTea System property informati...
omajid at icedtea.classpath.org
omajid at icedtea.classpath.org
Wed Nov 24 11:15:51 PST 2010
changeset 75832973e0fa in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=75832973e0fa
author: Omair Majid <omajid at redhat.com>
date: Wed Nov 24 14:15:11 2010 -0500
CVE-2010-3860 IcedTea System property information leak via public
static
2010-11-24 Omair Majid <omajid at redhat.com>
* netx/net/sourceforge/jnlp/runtime/Boot.java: Remove basedir
option. Add NETX_ABOUT_FILE. (run): Remove call to
JNLPRuntime.setBaseDir. (getAboutFile): Use the constant in
this file, not JNLPRuntime. (getBaseDir): Remove obsolete
method.
* netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: Remove
baseDir, USER, HOME_DIR, NETXRC_FILE, NETX_DIR, SECURITY_DIR,
CERTIFICATES_FILE, JAVA_HOME_DIR, NETX_ABOUT_FILE.
(initialize): Do not set baseDir. (getBaseDir): Remove method.
(setBaseDir): Likewise. (getDefaultBaseDir): Likewise.
(getProperties): Likewise.
* netx/net/sourceforge/jnlp/security/SecurityUtil.java
(getTrustedCertsFilename): Delegate to
KeyStores.getKeyStoreLocation.
* plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java
(PluginAppletSecurityContext): Remove call to obsolete method.
diffstat:
7 files changed, 34 insertions(+), 132 deletions(-)
ChangeLog | 22 ++
NEWS | 1
netx/net/sourceforge/jnlp/resources/Messages.properties | 3
netx/net/sourceforge/jnlp/runtime/Boot.java | 35 ---
netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java | 89 ----------
netx/net/sourceforge/jnlp/security/SecurityUtil.java | 11 -
plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java | 5
diffs (305 lines):
diff -r 87624fe05628 -r 75832973e0fa ChangeLog
--- a/ChangeLog Wed Nov 24 13:12:52 2010 -0500
+++ b/ChangeLog Wed Nov 24 14:15:11 2010 -0500
@@ -1,3 +1,25 @@ 2010-11-24 Omair Majid <omajid at redhat.
+2010-11-24 Omair Majid <omajid at redhat.com>
+
+ CVE-2010-3860 IcedTea System property information leak via public static
+ * netx/net/sourceforge/jnlp/runtime/Boot.java: Remove basedir
+ option. Add NETX_ABOUT_FILE.
+ (run): Remove call to JNLPRuntime.setBaseDir.
+ (getAboutFile): Use the constant in this file, not JNLPRuntime.
+ (getBaseDir): Remove obsolete method.
+ * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: Remove
+ baseDir, USER, HOME_DIR, NETXRC_FILE, NETX_DIR, SECURITY_DIR,
+ CERTFICIATES_FILE, JAVA_HOME_DIR, NETX_ABOUT_FILE.
+ (initialize): Do not set baseDir.
+ (getBaseDir): Remove method.
+ (setBaseDir): Likewise.
+ (getDefaultBaseDir): Likewise.
+ (getProperties): Likewise.
+ * netx/net/sourceforge/jnlp/security/SecurityUtil.java
+ (getTrustedCertsFilename): Delegate to
+ KeyStores.getKeyStoreLocation.
+ * plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java
+ (PluginAppletSecurityContext): Remove call to obsolete method.
+
2010-11-24 Omair Majid <omajid at redhat.com>
Fix PR592.
diff -r 87624fe05628 -r 75832973e0fa NEWS
--- a/NEWS Wed Nov 24 13:12:52 2010 -0500
+++ b/NEWS Wed Nov 24 14:15:11 2010 -0500
@@ -11,6 +11,7 @@ New in release 1.0 (2010-XX-XX):
New in release 1.0 (2010-XX-XX):
* Initial release of IcedTea-Web
+* CVE-2010-3860: IcedTea System property information leak via public static
* PR542: Plugin fails with NPE on http://www.openprocessing.org/visuals/iframe.php?visualID=2615
* Applets are now double-buffered to eliminate flicker in ones that do heavy drawing
* Iinterfaces javax.jnlp.IntegrationService and javax.jnlp.DownloadService2 are now available
diff -r 87624fe05628 -r 75832973e0fa netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties Wed Nov 24 13:12:52 2010 -0500
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Wed Nov 24 14:15:11 2010 -0500
@@ -139,7 +139,6 @@ RConfigurationError=Fatal error while re
# Boot options, message should be shorter than this ---------------->
BOUsage=javaws [-run-options] <jnlp file>
BOUsage2=javaws [-control-options]
-BOBasedir = Directory where the cache is kept.
BOJnlp = Location of JNLP file to launch (url or file).
BOArg = Adds an application argument before launching.
BOParam = Adds an applet parameter before launching.
@@ -232,4 +231,4 @@ KSJsseCerts=Trusted JSSE Certificates
KSJsseCerts=Trusted JSSE Certificates
KSCaCerts=Trusted Root CA Certificates
KSJsseCaCerts=Trusted JSSE Root CA Certificates,
-KSClientCerts=Client Authentication Certificates
\ No newline at end of file
+KSClientCerts=Client Authentication Certificates
diff -r 87624fe05628 -r 75832973e0fa netx/net/sourceforge/jnlp/runtime/Boot.java
--- a/netx/net/sourceforge/jnlp/runtime/Boot.java Wed Nov 24 13:12:52 2010 -0500
+++ b/netx/net/sourceforge/jnlp/runtime/Boot.java Wed Nov 24 14:15:11 2010 -0500
@@ -95,7 +95,6 @@ public final class Boot implements Privi
+ " -viewer "+R("BOViewer")+"\n"
+ "\n"
+ "run-options:"+"\n"
- + " -basedir dir "+R("BOBasedir")+"\n"
+ " -arg arg "+R("BOArg")+"\n"
+ " -param name=value "+R("BOParam")+"\n"
+ " -property name=value "+R("BOProperty")+"\n"
@@ -110,6 +109,11 @@ public final class Boot implements Privi
+ " -Xnofork "+R("BXnofork")+"\n"
+ " -Xclearcache "+R("BXclearcache")+"\n"
+ " -help "+R("BOHelp")+"\n";
+
+ /** the JNLP file to open to display the network-based about window */
+ private static final String NETX_ABOUT_FILE = System.getProperty("java.home") + File.separator + "lib"
+ + File.separator + "about.jnlp";
+
private static final String doubleArgs = "-basedir -jnlp -arg -param -property -update";
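Review bot: `doubleArgs` on the last line of this hunk still lists `-basedir`, although the commit removes that option from the usage text and deletes `getBaseDir()`. How `doubleArgs` is consumed lies outside the hunk, but if it marks options that take a value, a leftover `-basedir dir` on the command line would presumably still be accepted and its argument silently swallowed; consider `private static final String doubleArgs = "-jnlp -arg -param -property -update";`. The new `NETX_ABOUT_FILE` is derived from `System.getProperty("java.home")`, and being `private` is what keeps that value away from other classes, so its Javadoc could say so, e.g. `/** JNLP file for the about window; derived from java.home, keep private so the path is not readable by application code */`.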
@@ -179,7 +183,6 @@ public final class Boot implements Privi
* The privileged part (jdk1.3 compatibility).
*/
public Void run() {
- JNLPRuntime.setBaseDir(getBaseDir());
JNLPRuntime.setSecurityEnabled(null == getOption("-nosecurity"));
JNLPRuntime.initialize(true);
@@ -221,8 +224,8 @@ public final class Boot implements Privi
*/
private static String getAboutFile() {
- if (new File(JNLPRuntime.NETX_ABOUT_FILE).exists())
- return JNLPRuntime.NETX_ABOUT_FILE;
+ if (new File(NETX_ABOUT_FILE).exists())
+ return NETX_ABOUT_FILE;
else
return null;
}
@@ -414,28 +417,4 @@ public final class Boot implements Privi
return result.toArray( new String[result.size()] );
}
- /**
- * Return the base dir. If the base dir parameter is not set
- * the value is read from JNLPRuntime.NETX_ABOUT_FILE file.
- * If that file does not exist, an install dialog is displayed
- * to select the base directory.
- */
- private static File getBaseDir() {
- if (getOption("-basedir") != null) {
- File basedir = new File(getOption("-basedir"));
-
- if (!basedir.exists() || !basedir.isDirectory())
- fatalError(R("BNoDir", basedir));
-
- return basedir;
- }
-
- // check .netxrc
- File basedir = JNLPRuntime.getDefaultBaseDir();
- if (basedir == null)
- fatalError(R("BNoBase"));
-
- return basedir;
- }
-
}
diff -r 87624fe05628 -r 75832973e0fa netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Wed Nov 24 13:12:52 2010 -0500
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Wed Nov 24 14:15:11 2010 -0500
@@ -79,9 +79,6 @@ public class JNLPRuntime {
/** handles all security message to show appropriate security dialogs */
private static SecurityDialogMessageHandler securityDialogMessageHandler;
-
- /** the base dir for cache, etc */
- private static File baseDir;
/** a default launch handler */
private static LaunchHandler handler = null;
@@ -127,33 +124,6 @@ public class JNLPRuntime {
public static final String STDERR_FILE = "java.stderr";
public static final String STDOUT_FILE = "java.stdout";
-
- /** Username */
- public static final String USER = System.getProperty("user.name");
-
- /** User's home directory */
- public static final String HOME_DIR = System.getProperty("user.home");
-
- /** the ~/.netxrc file containing netx settings */
- public static final String NETXRC_FILE = HOME_DIR + File.separator + ".netxrc";
-
- /** the ~/.netx directory containing user-specific data */
- public static final String NETX_DIR = HOME_DIR + File.separator + ".netx";
-
- /** the ~/.netx/security directory containing security related information */
- public static final String SECURITY_DIR = NETX_DIR + File.separator + "security";
-
- /** the ~/.netx/security/trusted.certs file containing trusted certificates */
- public static final String CERTIFICATES_FILE = SECURITY_DIR + File.separator + "trusted.certs";
-
- /** the java.home directory */
- public static final String JAVA_HOME_DIR = System.getProperty("java.home");
-
- /** the JNLP file to open to display the network-based about window */
- public static final String NETX_ABOUT_FILE = JAVA_HOME_DIR + File.separator + "lib"
- + File.separator + "about.jnlp";
-
-
/**
* Returns whether the JNLP runtime environment has been
@@ -212,12 +182,6 @@ public class JNLPRuntime {
if (handler == null)
handler = new DefaultLaunchHandler();
-
- if (baseDir == null)
- baseDir = getDefaultBaseDir();
-
- if (baseDir == null)
- throw new IllegalStateException(JNLPRuntime.getMessage("BNoBase"));
ServiceManager.setServiceManagerStub(new XServiceManagerStub()); // ignored if we're running under Web Start
@@ -395,25 +359,6 @@ public class JNLPRuntime {
}
/**
- * Return the base directory containing the cache, persistence
- * store, etc.
- */
- public static File getBaseDir() {
- return baseDir;
- }
-
- /**
- * Sets the base directory containing the cache, persistence
- * store, etc.
- *
- * @throws IllegalStateException if caller is not the exit class
- */
- public static void setBaseDir(File baseDirectory) {
- checkInitialized();
- baseDir = baseDirectory;
- }
-
- /**
* Returns whether the secure runtime environment is enabled.
*/
public static boolean isSecurityEnabled() {
@@ -452,31 +397,6 @@ public class JNLPRuntime {
}
/**
- * Returns the system default base dir for or if not set,
- * prompts the user for the location.
- *
- * @return the base dir, or null if the user canceled the dialog
- * @throws IOException if there was an io exception
- */
- public static File getDefaultBaseDir() {
- PropertiesFile props = JNLPRuntime.getProperties();
-
- String baseStr = props.getProperty("basedir");
- if (baseStr != null)
- return new File(baseStr);
-
- String homeDir = HOME_DIR;
- File baseDir = new File(NETX_DIR);
- if (homeDir == null || (!baseDir.isDirectory() && !baseDir.mkdir()))
- return null;
-
- props.setProperty("basedir", baseDir.toString());
- props.store();
-
- return baseDir;
- }
-
- /**
* Set a class that can exit the JVM; if not set then any class
* can exit the JVM.
*
@@ -502,15 +422,6 @@ public class JNLPRuntime {
*/
public static ApplicationInstance getApplication() {
return security.getApplication();
- }
-
- /**
- * Return a PropertiesFile object backed by the runtime's
- * properties file.
- */
- public static PropertiesFile getProperties() {
- File netxrc = new File(NETXRC_FILE);
- return new PropertiesFile(netxrc);
}
/**
diff -r 87624fe05628 -r 75832973e0fa netx/net/sourceforge/jnlp/security/SecurityUtil.java
--- a/netx/net/sourceforge/jnlp/security/SecurityUtil.java Wed Nov 24 13:12:52 2010 -0500
+++ b/netx/net/sourceforge/jnlp/security/SecurityUtil.java Wed Nov 24 14:15:11 2010 -0500
@@ -43,20 +43,15 @@ import java.security.KeyStore;
import java.security.KeyStore;
import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.security.KeyStores.Level;
+import net.sourceforge.jnlp.security.KeyStores.Type;
public class SecurityUtil {
private static final char[] password = "changeit".toCharArray();
public static String getTrustedCertsFilename() throws Exception{
-
- String homeDir = JNLPRuntime.HOME_DIR;
-
- if (homeDir == null) {
- throw new Exception("Could not access home directory");
- } else {
- return JNLPRuntime.CERTIFICATES_FILE;
- }
+ return KeyStores.getKeyStoreLocation(Level.USER, Type.CERTS);
}
public static char[] getTrustedCertsPassword() {
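Review bot: `getTrustedCertsFilename()` remains `public static` and now returns whatever `KeyStores.getKeyStoreLocation(Level.USER, Type.CERTS)` yields, which for a user-level store is presumably a path under the user's home directory, the same kind of value the removed `JNLPRuntime` constants exposed. `KeyStores` is not part of this diff, so it cannot be seen here whether it checks the caller's permissions; if it does not, this accessor should be narrowed in visibility or guarded by a permission check before the path is returned. At minimum the method deserves a Javadoc stating the constraint, e.g. `/** Returns the location of the user-level trusted-certificates keystore; the path is user-specific and must not be passed to untrusted code. */`. The `throws Exception` clause looks left over from the removed home-directory check, and the `JNLPRuntime` import kept as context may now be unused in this file; both are worth confirming against the rest of the class.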
diff -r 87624fe05628 -r 75832973e0fa plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java
--- a/plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java Wed Nov 24 13:12:52 2010 -0500
+++ b/plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java Wed Nov 24 14:15:11 2010 -0500
@@ -250,11 +250,6 @@ public class PluginAppletSecurityContext
public PluginAppletSecurityContext(int identifier) {
this.identifier = identifier;
-
- // also, override the basedir, use a different one for the plugin
- File f = new File(System.getProperty("user.home") + "/.icedteaplugin/");
- f.mkdir();
- JNLPRuntime.setBaseDir(f);
// We need a security manager.. and since there is a good chance that
// an applet will be loaded at some point, we should make it the SM