[icedtea-web] RFC: stop JNLPPolicy from granting duplicate permissions to a CodeSource
Omair Majid
omajid at redhat.com
Wed Feb 9 07:05:11 PST 2011
On 12/17/2010 05:52 PM, Omair Majid wrote:
> Hi,
>
> The attached patch modifies JNLPPolicy so that it does grant permissions
> that the CodeSource already has.
>
> As described in Java 2 Platform Security Second Edition section 5.6 (and
> can be seen in the implementation of ProtectionDomain and Policy
> classes), whenever permission checks are needed, static permissions and
> then dynamic permissions are consulted.
>
> Static permissions to CodeSources are granted by the (subclasses of)
> SecureClassLoader, while dynamic permissions are granted by the current
> Policy.
>
> In IcedTea-Web, JNLPPolicy consults JNLPClassLoader to grant all the
> static permissions again (in addition to any dynamic ones). The result
> is that CodeSources are given the same permissions twice. This is
> unnecessary and should be fixed. The attached patch accomplishes that.
>
> This is not a major problem but it does make stepping through the
> JNLPPolicy class a little annoying. It also gives the impression that to
> grant a CodeSource different permissions than those granted by the
> JNLPClassLoader, modifying the JNLPPolicy is enough, which may lead to
> subtle bugs later on.
>
> Cheers,
> Omair
Ping. Any thoughts?
Thanks,
Omair
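
The static/dynamic split described in the quoted message, as an added example that is not part of the original thread and is not IcedTea-Web code: a ProtectionDomain answers permission checks from both the collection its class loader bound to it and the installed Policy, so a Policy that leaves the static permissions out changes nothing, and editing the Policy alone cannot take a loader-granted permission away. The class name, CodeSource URL and permission names are constructed, and the example assumes a JDK earlier than 24, where Policy.setPolicy is still supported.

```java
import java.net.URI;
import java.security.*;
import java.security.cert.Certificate;
import java.util.PropertyPermission;

// Added illustration; class name, URL and permission names are constructed.
// Assumes a JDK earlier than 24 (Policy.setPolicy is unsupported from 24 on).
public class StaticVsDynamicPermissions {
    public static void main(String[] args) throws Exception {
        final CodeSource cs = new CodeSource(
                URI.create("file:/constructed/app.jar").toURL(), (Certificate[]) null);

        // Static permissions: bound to the ProtectionDomain by the class loader.
        final Permission staticPerm = new PropertyPermission("user.name", "read");
        Permissions fromLoader = new Permissions();
        fromLoader.add(staticPerm);

        // Dynamic permissions: answered by the installed Policy at check time.
        // This Policy never mentions staticPerm, i.e. no duplicate grant.
        final Permission dynamicPerm = new RuntimePermission("constructedDynamicPermission");
        Policy.setPolicy(new Policy() {
            @Override
            public PermissionCollection getPermissions(CodeSource codesource) {
                Permissions p = new Permissions();
                if (cs.equals(codesource)) {
                    p.add(dynamicPerm);
                }
                return p;
            }

            @Override
            public boolean implies(ProtectionDomain domain, Permission permission) {
                return getPermissions(domain.getCodeSource()).implies(permission);
            }
        });

        // The four-argument constructor creates a domain that also consults the Policy.
        ProtectionDomain pd = new ProtectionDomain(
                cs, fromLoader, StaticVsDynamicPermissions.class.getClassLoader(), null);

        System.out.println("static:  " + pd.implies(staticPerm));   // from the loader
        System.out.println("dynamic: " + pd.implies(dynamicPerm));  // from the Policy
        System.out.println("neither: " + pd.implies(new RuntimePermission("constructedOther")));
    }
}
```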