[rfc][icedtea-web] PR1769 small hole fix
Jiri Vanek
jvanek at redhat.com
Mon Aug 4 14:49:55 UTC 2014
On 08/01/2014 09:27 PM, Andrew Azores wrote:
> Hi,
>
> There's a very small hole in the PR1769 patch which can allow for signed applets which specify
> sandbox permissions in their manifests to not actually be sandboxed when they run (unless the
> Sandbox button is clicked), in very specific circumstances. The reproducer test cases added along
> with the original patch show these two failures. It took quite some time to run all the reproducers
> and verify the results, but the attached patch should fix these two failures without causing any new
> failures anywhere else.
>
> Thanks,
>
Looks ok to me. And thank you for good reproducers.
J.
More information about the distro-pkg-dev
mailing list