[rfc][icedtea-web] fix for RH816592

[Deepak Bhole]

* Jiri Vanek <jvanek at redhat.com> [2012-06-26 07:42]:
> On 06/20/2012 04:38 PM, Deepak Bhole wrote:
> >* Jiri Vanek<jvanek at redhat.com>  [2012-06-19 08:09]:
> >>On 05/24/2012 09:04 PM, Deepak Bhole wrote:
> >>>* Jiri Vanek<jvanek at redhat.com>   [2012-05-24 14:08]:
> >>>>On 05/24/2012 05:28 PM, Deepak Bhole wrote:
> >>>>>* Jiri Vanek<jvanek at redhat.com>    [2012-05-24 09:40]:
> >>>>>>On 05/23/2012 05:45 PM, Jiri Vanek wrote:
> >>>>>>>On 05/23/2012 05:36 PM, Omair Majid wrote:
> >>>>snip
> >>>>>>
> >>>>>
> >>>>>Hi Jiri,
> >>>>>
> >>>>>This is still not solving the root issue -- why does the resource not
> >>>>>have an entry in the map? Whatever is getting that resource should be
> >>>>>adding it. getCodeSourceSecurity should only be doing a simple look up
> >>>>>on security and returning what is already known.
> >>>>>
> >>>>>Cheers,
> >>>>>Deepak
> >>>>>
> >>>>And when  an application directly inject to fields in sun.misc.URLClassPath.java? Then my solution will be the only working one. But yes. it is unlikely and I'm just protecting wrong solution (so pride of it! :D)
> >>>>  I will investigate more in way Omair suggested which looks much more cmmon.
> >>>>
> >>>
> >>>Ah fair enough. So then all the places where we add resources ourselves
> >>>are correctly covered?
> >>>
> >>>Cheers,
> >>>Deepak
> >>
> >>Hi! When Thomas patch is applied, then I believe all standard ways
> >>are covered. Monstrosities left behind are quite smoothly catch by
> >>this one. This one is also fixing minecraft issue you sent to me.
> >>(http://www.minecraft.net/classic/play).
> >>
> >>I'm for both patches in for head. I have reviewed his work and
> >>prepared reproducer.. Just waiting to him for confirmation.
> >>
> >>What do you think?
> >>
> >
> >Fair enough. OK for head.
> >
> 
> I would like to backport it to 1.2 in week or two since push to head.
> 
> Possible?

Assuming no regressions showed up with any of the reproducers, yes, OK
for 1.2 now.

Cheers,
Deepak

> 
> J