[Bug 1094] icedtea-web does not work with Schwab's StreetSmart applet
bugzilla-daemon at icedtea.classpath.org
bugzilla-daemon at icedtea.classpath.org
Wed Jul 25 13:18:35 PDT 2012
http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1094
Deepak Bhole <dbhole at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |WONTFIX
--- Comment #4 from Deepak Bhole <dbhole at redhat.com> ---
Ah, sorry. The NPE only happens during exit. The real culprit appears to be
this:
java.lang.SecurityException: Changing the SecurityManager is not allowed.
at
net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkPermission(JNLPSecurityManager.java:270)
at java.lang.System.setSecurityManager0(System.java:295)
at java.lang.System.setSecurityManager(System.java:286)
at com.cybertrader.streamer.StreamerApplet.init(Unknown Source)
at sun.applet.AppletPanel.run(AppletPanel.java:435)
at java.lang.Thread.run(Thread.java:722)
WRITING 2: instance 1 status Start: applet not initialized.
PIPE: appletviewer wrote: instance 1 status Start: applet not initialized.
This is by design. The icedtea-web plug-in uses a single VM design and we
cannot allow one applet to dictate security policy for other applets (even if
that applet is signed).
The Oracle plug-in uses a single VM model too but allows replacing the manager.
IMO it should not either.
Sorry if it sounds like I am trying to pass the blame, but I am not. This
decision is by design and makes sense from a security perspective. Schwab
should fix their applet. A properly written one should not need to overwrite
the security manager as trusted applets already have full access.
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20120725/8f058e24/attachment.html
More information about the distro-pkg-dev
mailing list