[icedtea-web] RFC: RH738814 - Access denied at ssl handshake
Deepak Bhole
dbhole at redhat.com
Thu Sep 22 13:57:09 PDT 2011
* Omair Majid <omajid at redhat.com> [2011-09-19 17:53]:
> Hi,
>
> The attached patch should address RH738814 [1]
>
> The stack trace of the exception shows that code in
> VariableX509TrustManager tries do show a prompt which needs all
> permissions. Since the method call was originally from an untrusted
> applet, these permissions are missing and a security exception is
> thrown.
>
> Something along this line was anticipated earlier [2], but my fix
> may have been too broad. So now that we have a stack trace, I have a
> more focused patch. Any thoughts or comments?
>
> The patch is for HEAD, but applies to 1.1 as well. It should also
> apply to 1.0 after trivial changes - though I am not sure if that's
> something we should do.
>
Agreed. I am not sure how worthwhile it is to fix this in 1.0 either.
Approved for 1.1 and HEAD.
Cheers,
Deepak
More information about the distro-pkg-dev
mailing list