[RFC][icedtea-web] Update security dialogs to be more descriptive
Danesh Dadachanji
ddadacha at redhat.com
Wed Jul 18 13:10:32 PDT 2012
Hello,
The following patch fixes RH838417 and RH838559. [1][2]
It adds the following message along with the description to dialogs that are shown when a jar cert is unverified or has signing errors:
"The code executed will be given full permissions, ignoring any java policies you may have."
I've also added the warning.png icon to HTTPS cert dialogs.
You can test the patch using this[3] website or see my attached image. =)
ChangeLog:
+2012-07-18 Danesh Dadachanji <ddadacha at redhat.com>
+
+ Update message to security dialog, explicitly telling users they will be
+ executing code that has AllPermissions and ignores policy files.
+ * NEWS: Added entries for RH838417 and RH838559.
+ * netx/net/sourceforge/jnlp/resources/Messages.properties:
+ Added SWarnFullPermissionsIgnorePolicy and updated SHttpsUnverified.
+ * netx/net/sourceforge/jnlp/security/CertWarningPane.java: Display
+ SWarnFullPermissionsIgnorePolicy if the cert is from a jar and is either
+ unverified or has a signing error. Also added warning.png to HTTPS dialogs.
+
[1] https://bugzilla.redhat.com/show_bug.cgi?id=838417
[2] https://bugzilla.redhat.com/show_bug.cgi?id=838559
[3] https://www.portalbank.no/1100/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cert-dialog-update-01.patch
Type: text/x-patch
Size: 6186 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20120718/7049ad63/cert-dialog-update-01.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cert-warning-new.png
Type: image/png
Size: 35459 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20120718/7049ad63/cert-warning-new.png
More information about the distro-pkg-dev
mailing list