[icedtea-web] RFC: get the security handler in a privileged operation
Deepak Bhole
dbhole at redhat.com
Mon Oct 25 10:45:44 PDT 2010
* Omair Majid <omajid at redhat.com> [2010-10-25 13:37]:
> Hi,
>
> The attached patch ensures that posting a security message is done
> with full privileges. This is being done already in the EDT
> (EventDispatchThread) case, but not in the non-EDT case.
>
Are there any problems if it doesn't have full permissions? I'd rather
give it less permissions than more unless really needed...
If not needed, the doProvileged() from EDT should be removed as well.
Deepak
> ChangeLog:
> 2010-10-25 Omair Majid <omajid at redhat.com>
>
> * netx/net/sourceforge/jnlp/security/SecurityWarning.java
> (getUserResponse): Get the SecurityDialogHandler with full
> prvileges.
>
> Any objections?
>
> Thanks,
> Omair
> diff -r e9910d92b046 netx/net/sourceforge/jnlp/security/SecurityWarning.java
> --- a/netx/net/sourceforge/jnlp/security/SecurityWarning.java Mon Oct 25 12:14:33 2010 -0400
> +++ b/netx/net/sourceforge/jnlp/security/SecurityWarning.java Mon Oct 25 13:31:30 2010 -0400
> @@ -278,7 +278,13 @@
> */
> message.toDispose = null;
> message.lock = new Semaphore(0);
> - JNLPRuntime.getSecurityDialogHandler().postMessage(message);
> + AccessController.doPrivileged(new PrivilegedAction<Void>() {
> + @Override
> + public Void run() {
> + JNLPRuntime.getSecurityDialogHandler().postMessage(message);
> + return null;
> + }
> + });
>
> boolean done = false;
> while (!done) {
More information about the distro-pkg-dev
mailing list