[RFC][icedtea-web] Update security dialogs to be more descriptive
Danesh Dadachanji
ddadacha at redhat.com
Wed Jul 18 13:12:02 PDT 2012
On 18/07/12 04:10 PM, Danesh Dadachanji wrote:
> Hello,
>
> The following patch fixes RH838417 and RH838559. [1][2]
>
> It adds the following message along with the description to dialogs that are shown when a jar cert is unverified or has signing errors:
> "The code executed will be given full permissions, ignoring any java policies you may have."
>
> I've also added the warning.png icon to HTTPS cert dialogs.
>
> You can test the patch using this[3] website or see my attached image. =)
>
> ChangeLog:
> +2012-07-18 Danesh Dadachanji <ddadacha at redhat.com>
> +
> + Update message to security dialog, explicitly telling users they will be
> + executing code that has AllPermissions and ignores policy files.
> + * NEWS: Added entries for RH838417 and RH838559.
> + * netx/net/sourceforge/jnlp/resources/Messages.properties:
> + Added SWarnFullPermissionsIgnorePolicy and updated SHttpsUnverified.
> + * netx/net/sourceforge/jnlp/security/CertWarningPane.java: Display
> + SWarnFullPermissionsIgnorePolicy if the cert is from a jar and is either
> + unverified or has a signing error. Also added warning.png to HTTPS dialogs.
> +
>
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=838417
> [2] https://bugzilla.redhat.com/show_bug.cgi?id=838559
> [3] https://www.portalbank.no/1100/
Woops, forgot to mention, I'd like to push this to 1.2, 1.3 on top of HEAD if others think it's okay.
Cheers,
Danesh
More information about the distro-pkg-dev
mailing list