/hg/icedtea6: netx: show the filename when an untrusted program ...
omajid at icedtea.classpath.org
omajid at icedtea.classpath.org
Mon Oct 4 08:10:20 PDT 2010
changeset 748a45decac0 in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=748a45decac0
author: Omair Majid <omajid at redhat.com>
date: Mon Oct 04 11:05:17 2010 -0400
netx: show the filename when an untrusted program requests opening a
file
2010-10-04 Omair Majid <omajid at redhat.com>
* netx/net/sourceforge/jnlp/resources/Messages.properties:
Add AFileOnTheMachine, change SFileReadAccess and SFileWriteAccess.
* netx/net/sourceforge/jnlp/security/AccessWarningPane.java:
(addComponents): Add the filename to the message.
* netx/net/sourceforge/jnlp/services/XExtendedService.java:
(openFile): Pass along the filename to ServiceUtil.checkAccess.
* netx/net/sourceforge/jnlp/util/FileUtils.java:
(displayablePath): New method. (displayablePath): Likewise.
diffstat:
5 files changed, 83 insertions(+), 6 deletions(-)
ChangeLog | 12 ++
netx/net/sourceforge/jnlp/resources/Messages.properties | 5 -
netx/net/sourceforge/jnlp/security/AccessWarningPane.java | 15 ++-
netx/net/sourceforge/jnlp/services/XExtendedService.java | 4
netx/net/sourceforge/jnlp/util/FileUtils.java | 53 +++++++++++++
diffs (157 lines):
diff -r 94f30c67c2f9 -r 748a45decac0 ChangeLog
--- a/ChangeLog Fri Oct 01 11:39:33 2010 -0400
+++ b/ChangeLog Mon Oct 04 11:05:17 2010 -0400
@@ -1,3 +1,15 @@ 2010-10-01 Andrew Su <asu at redhat.com>
+2010-10-04 Omair Majid <omajid at redhat.com>
+
+ * netx/net/sourceforge/jnlp/resources/Messages.properties:
+ Add AFileOnTheMachine, change SFileReadAccess and SFileWriteAccess.
+ * netx/net/sourceforge/jnlp/security/AccessWarningPane.java:
+ (addComponents): Add the filename to the message.
+ * netx/net/sourceforge/jnlp/services/XExtendedService.java:
+ (openFile): Pass along the filename to ServiceUtil.checkAccess.
+ * netx/net/sourceforge/jnlp/util/FileUtils.java:
+ (displayablePath): New method.
+ (displayablePath): Likewise.
+
2010-10-01 Andrew Su <asu at redhat.com>
* PluginAppletViewer.java:
diff -r 94f30c67c2f9 -r 748a45decac0 netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties Fri Oct 01 11:39:33 2010 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Oct 04 11:05:17 2010 -0400
@@ -6,6 +6,7 @@ ButOk=OK
ButOk=OK
ButCancel=\ Cancel\
ButBrowse=Browse...
+AFileOnTheMachine=a file on the machine
# LS - Severity
LSMinor=Minor
@@ -150,8 +151,8 @@ CChooseCacheDir=Cache directory
CChooseCacheDir=Cache directory
# Security
-SFileReadAccess=The application has requested read access to a file on the machine. Do you want to allow this action?
-SFileWriteAccess=The application has requested write access to a file on the machine. Do you want to allow this action?
+SFileReadAccess=The application has requested read access to {0}. Do you want to allow this action?
+SFileWriteAccess=The application has requested write access to {0}. Do you want to allow this action?
SDesktopShortcut=The application has requested permission to create a desktop launcher. Do you want to allow this action?
SSigUnverified=The application's digital signature cannot be verified. Do you want to run the application?
SSigVerified=The application's digital signature has been verified. Do you want to run the application?
diff -r 94f30c67c2f9 -r 748a45decac0 netx/net/sourceforge/jnlp/security/AccessWarningPane.java
--- a/netx/net/sourceforge/jnlp/security/AccessWarningPane.java Fri Oct 01 11:39:33 2010 -0400
+++ b/netx/net/sourceforge/jnlp/security/AccessWarningPane.java Mon Oct 04 11:05:17 2010 -0400
@@ -56,6 +56,7 @@ import javax.swing.SwingConstants;
import javax.swing.SwingConstants;
import net.sourceforge.jnlp.JNLPFile;
+import net.sourceforge.jnlp.util.FileUtils;
/**
* Provides a panel to show inside a SecurityWarningDialog. These dialogs are
@@ -114,10 +115,18 @@ public class AccessWarningPane extends S
String topLabelText = "";
switch (type) {
case READ_FILE:
- topLabelText = R("SFileReadAccess");
+ if (extras != null && extras.length > 0 && extras[0] instanceof String) {
+ topLabelText = R("SFileReadAccess", FileUtils.displayablePath((String)extras[0]));
+ } else {
+ topLabelText = R("SFileReadAccess", R("AFileOnTheMachine"));
+ }
break;
case WRITE_FILE:
- topLabelText = R("SFileWriteAccess");
+ if (extras != null && extras.length > 0 && extras[0] instanceof String) {
+ topLabelText = R("SFileWriteAccess", FileUtils.displayablePath((String)extras[0]));
+ } else {
+ topLabelText = R("SFileWriteAccess", R("AFileOnTheMachine"));
+ }
break;
case CREATE_DESTKOP_SHORTCUT:
topLabelText = R("SDesktopShortcut");
@@ -145,7 +154,7 @@ public class AccessWarningPane extends S
JPanel topPanel = new JPanel(new BorderLayout());
topPanel.setBackground(Color.WHITE);
topPanel.add(topLabel, BorderLayout.CENTER);
- topPanel.setPreferredSize(new Dimension(400,60));
+ topPanel.setPreferredSize(new Dimension(450,100));
topPanel.setBorder(BorderFactory.createEmptyBorder(10,10,10,10));
//application info
diff -r 94f30c67c2f9 -r 748a45decac0 netx/net/sourceforge/jnlp/services/XExtendedService.java
--- a/netx/net/sourceforge/jnlp/services/XExtendedService.java Fri Oct 01 11:39:33 2010 -0400
+++ b/netx/net/sourceforge/jnlp/services/XExtendedService.java Mon Oct 04 11:05:17 2010 -0400
@@ -34,7 +34,9 @@ public class XExtendedService implements
public FileContents openFile(File file) throws IOException {
- if (ServiceUtil.checkAccess(SecurityWarningDialog.AccessType.READ_FILE)) {
+ /* FIXME: this opens a file with read/write mode, not just read or write */
+ if (ServiceUtil.checkAccess(SecurityWarningDialog.AccessType.READ_FILE,
+ new Object[]{ file.getAbsolutePath() })) {
return (FileContents) ServiceUtil.createPrivilegedProxy(FileContents.class,
new XFileContents(file));
} else {
diff -r 94f30c67c2f9 -r 748a45decac0 netx/net/sourceforge/jnlp/util/FileUtils.java
--- a/netx/net/sourceforge/jnlp/util/FileUtils.java Fri Oct 01 11:39:33 2010 -0400
+++ b/netx/net/sourceforge/jnlp/util/FileUtils.java Mon Oct 04 11:05:17 2010 -0400
@@ -68,4 +68,57 @@ public final class FileUtils {
return filename;
}
+ /**
+ * Returns a String that is suitable for using in GUI elements for
+ * displaying (long) paths to users.
+ *
+ * @param path a path that should be shortened
+ * @return a shortened path suitable for displaying to the user
+ */
+ public static String displayablePath(String path) {
+ final int DEFAULT_LENGTH = 40;
+ return displayablePath(path, DEFAULT_LENGTH);
+ }
+
+ /**
+ * Return a String that is suitable for using in GUI elements for displaying
+ * paths to users. If the path is longer than visibleChars, it is truncated
+ * in a display-friendly way
+ *
+ * @param path a path that should be shorted
+ * @param visibleChars the maximum number of characters that path should fit
+ * into. Also the length of the returned string
+ * @return a shortened path that contains limited number of chars
+ */
+ public static String displayablePath(String path, int visibleChars) {
+ /*
+ * use a very simple method: prefix + "..." + suffix
+ *
+ * where prefix is the beginning part of path (as much as we can squeeze in)
+ * and suffix is the end path of path
+ */
+
+ if (path == null || path.length() <= visibleChars) {
+ return path;
+ }
+
+ final String OMITTED = "...";
+ final int OMITTED_LENGTH = OMITTED.length();
+ final int MIN_PREFIX_LENGTH = 4;
+ final int MIN_SUFFIX_LENGTH = 4;
+ /*
+ * we want to show things other than OMITTED. if we have too few for
+ * suffix and prefix, then just return as much as we can of the filename
+ */
+ if (visibleChars < (OMITTED_LENGTH + MIN_PREFIX_LENGTH + MIN_SUFFIX_LENGTH)) {
+ return path.substring(path.length() - visibleChars);
+ }
+
+ int affixLength = (visibleChars - OMITTED_LENGTH)/2;
+ String prefix = path.substring(0, affixLength);
+ String suffix = path.substring(path.length() - affixLength);
+
+ return prefix + OMITTED + suffix;
+ }
+
}
More information about the distro-pkg-dev
mailing list