[rfc][icedtea-web] Fix for PR1198, JSObject passed incorrectly to Javascript
Adam Domurad
adomurad at redhat.com
Mon Jan 7 09:38:10 PST 2013
On 01/07/2013 11:44 AM, Jiri Vanek wrote:
> On 01/07/2013 04:47 PM, Adam Domurad wrote:
>> On 01/07/2013 09:53 AM, Jiri Vanek wrote:
>>>> [.. rest snipped..]
>>> Isn't missing updated junit patch here?
>>
>> Sorry, was awaiting your advice -- if you did not like this
>> security-manager-in-constructor change
>> than the unit test would not be valid, a quite different approach
>> would have to be used.
>>
>>>
>>> Thanx for looking into it.
>>> J.
>>>
>>
>>
>> patch attached,
>> -Adam
>>
>> jsfix-unittest2.patch
>>
>>
>> diff --git
>> a/plugin/icedteanp/java/netscape/javascript/JSObjectUnboxPermission.java
>> b/plugin/icedteanp/java/netscape/javascript/JSObjectUnboxPermission.java
>> new file mode 100644
>> --- /dev/null
>> +++
>> b/plugin/icedteanp/java/netscape/javascript/JSObjectUnboxPermission.java
>> @@ -0,0 +1,49 @@
>> +/* JSObjectUnboxPermission.java
>> + Copyright (C) 2012 Red Hat
>> +
>> +This file is part of IcedTea.
>> +
>> +IcedTea is free software; you can redistribute it and/or modify
>> +it under the terms of the GNU General Public License as published by
>> +the Free Software Foundation; either version 2, or (at your option)
>> +any later version.
>> +
>> +IcedTea is distributed in the hope that it will be useful, but
>> +WITHOUT ANY WARRANTY; without even the implied warranty of
>> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
>> +General Public License for more details.
>> +
>> +You should have received a copy of the GNU General Public License
>> +along with IcedTea; see the file COPYING. If not, write to the
>> +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
>> Boston, MA
>> +02110-1301 USA.
>> +
>> +Linking this library statically or dynamically with other modules is
>> +making a combined work based on this library. Thus, the terms and
>> +conditions of the GNU General Public License cover the whole
>> +combination.
>> +
>> +As a special exception, the copyright holders of this library give you
>> +permission to link this library with independent modules to produce an
>> +executable, regardless of the license terms of these independent
>> +modules, and to copy and distribute the resulting executable under
>> +terms of your choice, provided that you also meet, for each linked
>> +independent module, the terms and conditions of the license of that
>> +module. An independent module is a module which is not derived from
>> +or based on this library. If you modify this library, you may extend
>> +this exception to your version of the library, but you are not
>> +obligated to do so. If you do not wish to do so, delete this
>> +exception statement from your version. */
>> +
>> +package netscape.javascript;
>> +
>> +import java.security.BasicPermission;
>> +
>> +/**
>> + * Permission to access internal reference of JSObject
>> + */
>> +public class JSObjectUnboxPermission extends BasicPermission {
>> + public JSObjectUnboxPermission() {
>> + super("JSObjectUnbox");
>> + }
>> +}
>> diff --git
>> a/plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java
>> b/plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java
>> --- a/plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java
>> +++ b/plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java
>> @@ -53,7 +53,6 @@ import java.security.Permissions;
>> import java.security.PrivilegedAction;
>> import java.security.ProtectionDomain;
>> import java.util.ArrayList;
>> -import java.util.Arrays;
>> import java.util.Hashtable;
>> import java.util.List;
>> import java.util.Map;
>> @@ -241,16 +240,6 @@ public class PluginAppletSecurityContext
>> public PluginAppletSecurityContext(int identifier) {
>> this.identifier = identifier;
>>
>> - // We need a security manager.. and since there is a good
>> chance that
>> - // an applet will be loaded at some point, we should make it
>> the SM
>> - // that JNLPRuntime will try to install
>> - if (System.getSecurityManager() == null) {
>> - JNLPRuntime.initialize(/* isApplication */false);
>> - JNLPRuntime.setDefaultLaunchHandler(new
>> DefaultLaunchHandler(System.err));
>> - }
>> -
>> - JNLPRuntime.disableExit();
>> -
>> URL u = null;
>> try {
>> u = new URL("file://");
>> diff --git a/plugin/icedteanp/java/sun/applet/PluginMain.java
>> b/plugin/icedteanp/java/sun/applet/PluginMain.java
>> --- a/plugin/icedteanp/java/sun/applet/PluginMain.java
>> +++ b/plugin/icedteanp/java/sun/applet/PluginMain.java
>> @@ -73,6 +73,7 @@ import java.net.ProxySelector;
>> import java.util.Enumeration;
>> import java.util.Properties;
>>
>> +import net.sourceforge.jnlp.DefaultLaunchHandler;
>> import net.sourceforge.jnlp.config.DeploymentConfiguration;
>> import net.sourceforge.jnlp.runtime.JNLPRuntime;
>> import net.sourceforge.jnlp.security.JNLPAuthenticator;
>> @@ -106,6 +107,15 @@ public class PluginMain {
>> // must be called before JNLPRuntime.initialize()
>> JNLPRuntime.setRedirectStreams(redirectStreams);
>>
>> + // We need a security manager for
>> PluginAppletSecurityContext,
>> + // so we ensure it is initialized
>> + if (System.getSecurityManager() == null) {
>> + JNLPRuntime.initialize(/* isApplication */false);
>> + JNLPRuntime.setDefaultLaunchHandler(new
>> DefaultLaunchHandler(System.err));
>> + }
>> +
>> + JNLPRuntime.disableExit();
>> +
>> PluginAppletSecurityContext sc = new
>> PluginAppletSecurityContext(0);
>> sc.prePopulateLCClasses();
>
> Well, I'm still not comfortable with this change.
> I'm not sure which security parts can be affected:-/ I really would
> like to know Jana's opinion here.
> Do you mind to move it to separate method?
I have attached a patch that is more refactoring-proof. It is based on
bypassing installation via package-private constructor. Note there is no
security risk if this is 'bypassed' once it has already occurred.
> [.. snip ..]
>>
>
Thanks,
-Adam
-------------- next part --------------
A non-text attachment was scrubbed...
Name: jsfix-unittest3.patch
Type: text/x-patch
Size: 9812 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20130107/125da2d5/jsfix-unittest3.patch
More information about the distro-pkg-dev
mailing list