Reviewer needed - fix for Re: Strange behaviour during javaws -about
Omair Majid
omajid at redhat.com
Thu Feb 24 11:04:33 PST 2011
On 02/24/2011 01:38 PM, Dr Andrew John Hughes wrote:
> On 18:20 Thu 24 Feb , Jiri Vanek wrote:
>> On 02/24/2011 06:04 PM, Dr Andrew John Hughes wrote:
>>> On 17:43 Thu 24 Feb , Jiri Vanek wrote:
>>>> + * extras/net/sourceforge/jnlp/about/Main.java: removed ivokelater,
>>>> useless hypertextlistener and runtime which needed special permissions.
>>>
>>> Why is it useless?
>>>
>>
>> Without permissions, the likns can not be lunched by clicking. Most of
>> the likns are on second tab with demos, which should be removed from my
>> point of view... Eh bed words maybe. Runtime is useless without
>> hyperlinklistener and without invoke later, but it itself needed special
>> permissions should it have to be removed.
>>
>
> If it breaks functionality, why are we removing the permissions?
> We should keep the demo tab IMHO.
>
I dont really have a strong preference either way, but here are some
thoughts.
Permissions can only be granted to signed jars. If we are using a local
jar, we will have to modify the build to actually create a keystore,
initialize it and use it to sign about.jar just built.
And this still doesnt fix the problem where the user is shown a scary
security warning when they run javaws -about. We certainly dont want
users to get in the habit of accepting security dialogs.
Having an unsigned about.jar (if that's possible - we are discovering a
ridiculous number of problems with making it all work) will not prompt
the user with a security dialog.
Cheers,
Omair
More information about the distro-pkg-dev
mailing list