[icedtea-web] (PR1513) Signed JAR with external main-class
Omair Majid
omajid at redhat.com
Tue Oct 29 11:09:52 PDT 2013
* Andrew Azores <aazores at redhat.com> [2013-10-23 16:36]:
> Fix and reproducer patches attached. The fix is a little bit of an
> ugly workaround I guess, but I think a nicer solution would involve
> rewriting a lot of other things. Maybe that can come later on down
> the road.
>
> What happens here is that if the JNLPFile's main-class is marked as
> external by the JNLPClassLoader, then the AppVerifiers will never
> use AccessType.VERIFIED. Instead, either SIGNING_ERROR or UNVERIFIED
> will be used. Which one depends on
> CertInformation#isRootInCaCerts(). If this returns true then you get
> the "signing error" dialog box, else you get the "unverified"
> message. The classloader still considers the applet to be signed,
> however. I figured it was better to tell the user there's a signing
> trust issue and ask for confirmation to run with full permissions,
> rather than restricting the applet to sandbox permissions, since the
> signed portion of the applet could very well require more
> permissions than that.
I am still concerned that we will load other classes from the code base
without warning, but will only warn about main class. I dont know if the
main class is special enough to make this distinction, if this can
happen with other classes too.
I would be okay with handling the main class and ignoring others (if
that even happens), but since the patch is a bit of a hack, I want to be
sure of this.
Thanks,
Omair
More information about the distro-pkg-dev
mailing list