[icedtea-web] RFC: RH738814 - Access denied at ssl handshake

Deepak Bhole dbhole at redhat.com
Thu Sep 22 13:57:09 PDT 2011

* Omair Majid <omajid at redhat.com> [2011-09-19 17:53]:
> Hi,
> The attached patch should address RH738814 [1]
> The stack trace of the exception shows that code in
> VariableX509TrustManager tries do show a prompt which needs all
> permissions. Since the method call was originally from an untrusted
> applet, these permissions are missing and a security exception is
> thrown.
> Something along this line was anticipated earlier [2], but my fix
> may have been too broad. So now that we have a stack trace, I have a
> more focused patch. Any thoughts or comments?
> The patch is for HEAD, but applies to 1.1 as well. It should also
> apply to 1.0 after trivial changes - though I am not sure if that's
> something we should do.

Agreed. I am not sure how worthwhile it is to fix this in 1.0 either.

Approved for 1.1 and HEAD.


More information about the distro-pkg-dev mailing list