[rfc][icedtea-web] PR1769 small hole fix

Andrew Azores aazores at redhat.com
Fri Aug 1 19:27:16 UTC 2014


There's a very small hole in the PR1769 patch which can allow for signed 
applets which specify sandbox permissions in their manifests to not 
actually be sandboxed when they run (unless the Sandbox button is 
clicked), in very specific circumstances. The reproducer test cases 
added along with the original patch show these two failures. It took 
quite some time to run all the reproducers and verify the results, but 
the attached patch should fix these two failures without causing any new 
failures anywhere else.


Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: pr1769-hole-fix.patch
Type: text/x-patch
Size: 1554 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140801/c9f118d0/pr1769-hole-fix.patch>

More information about the distro-pkg-dev mailing list