Strange behaviour during javaws -about

Jiri Vanek jvanek at redhat.com
Fri Feb 18 08:00:08 PST 2011 

On 02/18/2011 04:11 PM, Omair Majid wrote:
> On 02/18/2011 09:38 AM, Jiri Vanek wrote:
>> Can you anybody check it?
>> https://bugzilla.redhat.com/show_bug.cgi?id=677334
>>
>> regards J
>
> I wanted to thank you for bringing up issues that first-time users are
> likely to run into. First impressions are important and all your points
> are valid.
>
> Andrew Hughes may know more about this than I do, but I dont think we
> want to backport these changes to IcedTea6's netx - IcedTea6's netx is
> mostly receiving security fixes at this point. Most of the actual work
> is being done in icedtea-web. As such, I believe we should fix things in
> icedtea-web (only).
true
>
> Also, please be careful when making changes to files hosted on
> icedtea.classpath.org - the changes may break javaws. Please discuss
> things on this mailing list first.
>

True. I wanted to check if my conclusions are usefull also in direct 
source and revert. But you were faster;)

> As for updating the things that javaws -about shows, that sounds like a
> great idea.
>
> Personally, I dont think running an online application for showing the
> about dialog is a great idea. A user using a particular version of
Exactly. This will be a little bit more work, but will bring just benefites.

> icedtea-web would want to see information about that particular version
> (and not the version that just happens to be on icedtea.classpath.org).
> If anything, I think javaws -about should launch the local version about
> about. (This also takes care of the problem that we ship an about.jar
> that's completely unused!)
Exactly!
>
> As for security permissions, I agree that we should remove
> all-permissions it if it's not absolutely necessary.

Will not be necessary in case of local jar.

> That said, I do think the permissions are required by the about
> application as it currently stands.
> extra/net/sourceforge/jnlp/about/Main.java contains these two lines:
> import net.sourceforge.jnlp.Launcher;
> import net.sourceforge.jnlp.runtime.JNLPRuntime;
> while JNLPRuntime executes these two lines before about.jnlp gets a
> chance to run: Security.setProperty("package.access",
> Security.getProperty("package.access")+",net.sourceforge.jnlp");
> So I believe the about application will throw security exceptions on
> start if it does not have full permissions.

I can not confirm it, but this is wired. I have really run the 
application without those rights and was running properly %-(

> Thanks again for raising these issues; even more for volunteering to fix
> them :)

Looking forward to enjoy java progrmaming after some delay again;)

>
> Cheers,
> Omair

More information about the distro-pkg-dev mailing list