[icedtea-web] URLPermission in Java 8
Omair Majid
omajid at redhat.com
Wed Jun 18 16:59:18 UTC 2014
* Andrew Azores <aazores at redhat.com> [2014-06-18 12:55]:
> Do we really want to exclude this permission from the reported set of
> permissions in the applet's SecurityDesc?
I am not sure what you mean by 'reported set'.
If you mean keeping this permission separate from others, then
Code-wise, it's not ideal. But this might be better for performance if
we stop icedtea-web from re-computing the same permissions multiple
times and only apply the static permissions once, at class creation
time.
> Because setting it directly in the ClassLoader instead means that
> further attempts to determine the sandbox set applied to the applet
> will be incomplete if done through SecurityDesc, which doesn't sound
> good to me.
I don't follow. What is the 'sandbox set'?
Thanks,
Omair
--
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681
More information about the distro-pkg-dev
mailing list