[Bug 3621] Can't run java applet on alpine

[bugzilla-daemon at icedtea.classpath.org]

https://icedtea.classpath.org/bugzilla/show_bug.cgi?id=3621

--- Comment #10 from Alex <alex.hha at gmail.com> ---
> Is the applet correctly signed? 

I don't know how to check it. But with Oracle Java all works fine out of the
box


> If you do not have answers for those,  then you can turn off all security and run it without sandbox.

I was able to success with the following policy

grant codeBase "https://ibank.otpbank.com.ua/ifobsClient/-" {
    permission java.security.AllPermission;
};

I know that such open permissions it's a bad practice. But in my case(I use
docker) it's not so bad, probably. I have tried to grant only specific
permissions but without success. With such policy 

permission java.util.PropertyPermission "java.io.tmpdir", "read";
permission java.io.FilePermission "/tmp/ifobsCryptoKeyPath.tmp", "read";
permission java.io.FilePermission "/otp/keys", "read";
permission java.io.FilePermission "/otp/keys/-", "read";

I get the following error

Caused by: java.security.AccessControlException: access denied
("java.util.PropertyPermission" "*" "read,write")

But after I added 

permissions java.util.PropertyPermission "*", "read,write";

It gave me again 

java.security.AccessControlException: access denied
("java.util.PropertyPermission" "java.io.tmpdir" "read")

So I had to use AllPermission

> Is the applet publicly accessible so I can take a look?

web site is - https://ibank.otpbank.com.ua/ifobsClient/

but as far as I understood you won't be able get access to applets without
credentials.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20180904/aa955f9f/attachment.html>