[icedtea-web] "Not All Signed" dialog and low-security setting

Tue Dec 3 13:36:18 PST 2013

On 12/03/2013 11:04 AM, Jiri Vanek wrote:
>
> This seems to be included in current version of "Re: 
> [rfc][icedtea-web] Mixed-signing applet permissions (PR1592)" however 
> seems to be not working.
>
> As you suggested - the "not signed app is running" dialogue should not 
> be showing - but is.
> However -  this still needs some tweaking:
>    the "only part of application is signed" dialogue is really dummy 
> -  information of codebases/page pase (both for signed and unsigned 
> part), signature details... run, run in sandbox, not run, remember 
> decsission and so on are missing. Those information are critical for 
> user to be able to decide.
> After "Re: [rfc][icedtea-web] Mixed-signing applet permissions 
> (PR1592)" is in (as I'm going to aprove it now) this dialogue tweeking 
> will be blocker of 1.5 release, as it needs to be done right.
>
> J.

This patch doesn't yet take into account the "run in sandbox" action 
button, but it does give a dedicated "Partially Signed" dialog, as 
opposed to stacking the "Unsigned" confirmation with the "not all 
signed" warning. The "not all signed" warning is no longer displayed 
when JARs with partial signing are discovered. Instead, the new 
"Partially Signed" dialog should appear in the same manner the 
"Unsigned" dialog does. The "not all signed" warning is still displayed 
when an applet's JARs are all signed but its main-class is external.

The major change here is that the UnsignedAppletTrustWarningPanel became 
the AppletTrustWarningPanel and was made abstract. Two new concrete 
implementations extend it - UnsignedAppletTrustWarningPanel, and 
PartiallySignedAppletTrustWarningPanel. The two dialogs are mostly 
identical, the differences just being in the text they contain and the 
icons they display. The Unsigned variant is identical in appearance and 
function to how it was before the patch.

Other than this, the changes are generally minor additions to support 
this addition elsewhere in the codebase, ie mirroring how the Extended 
Applet Security stuff deals with the Unsigned variant.

This new dialog also doesn't obey the Extended Applet Security setting, 
so it will appear even if you have security set to Low. So those plugin 
applet tests from PR1592 can't be enabled yet.

ChangeLog:
Introduce new Partially Signed security confirmation dialog.
* netx/net/sourceforge/jnlp/resources/Messages.properties: 
(SPartiallySignedDetail) new message
* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: 
(createInstance) invoke PartiallySignedAppletTrustWarning when 
appropriate. (initializeResources) do not show old "Not All Signed" 
warning for partially signed applets. (checkNotAllSignedWithUser) 
removed unneeded param
* netx/net/sourceforge/jnlp/security/SecurityDialog.java: (initDialog, 
installPanel) handle new PARTIALLY_SIGNED_WARNING DialogType
* netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (DialogType) 
added PARTIALLY_SIGNED_WARNING. (UnsignedWarningAction) renamed to 
TrustWarningAction. (showPartiallySignedWarningDialog) new method
* 
netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java: use 
TrustWarningAction
* 
netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java: 
mostly moved into new AppletTrustWarningPanel class, which it now extends.
* 
netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: 
new class
* netx/net/sourceforge/jnlp/security/AppletTrustWarningPanel.java: new 
abstract parent class for UnsignedAppletTrustWarningPanel and 
PartiallySignedAppletTrustWarningPanel.
* 
netx/net/sourceforge/jnlp/security/PartiallySignedAppletTrustWarningDialog.java: 
new class
* 
netx/net/sourceforge/jnlp/security/PartiallySignedAppletTrustWarningPanel.java: 
new class

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: partially-signed-dialog.patch
Type: text/x-patch
Size: 39934 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20131203/f17a1003/partially-signed-dialog-0001.patch 