Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6472927

Jars signed by identiydb.obj in user.home directory aren't granted full permission in JDK 5.0u10 b02

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P3
    • Resolution: Won't Fix
    • Affects Version/s: 5.0, 5.0u10
    • Fix Version/s: 5.0u12
    • Component/s: security-libs
    • Labels:
      None
    • Subcomponent:
    • CPU:
      x86, sparc
    • OS:
      solaris, solaris_10

      Description

      To be compatible with JDK 1.1, identitydb.obj in user.home directory are seen as trusted keystore. Therefore jars that are signed by keys from it are granted full permission. JDK 5.0u10 build 02 does not behave that way. It does not grant the classes full permission.
      This only happens on solaris sparc platform. There's a security SQE tests for this: signedjar/signedjar_test8. The result logs are under:
      /net/sqe/global/nfs/sec/status/amy_test_result/solaris-signedjar_test8
      We have modified Run.sh in the result directory so that you can directly run it.
      To reproduce the bug, please:
      1. Log on to solaris sparc machine.
      2. Change to the result directory mentioned above.
      3. ksh Run.sh to run the test.
      4. Edit Run.sh to use other jdk promotion build.
      5. ksh Run.sh to run the test & compare the difference from the first run.
      Java source files are under testJarSource. There are also some scripts for generating keys, certs & signed jars there.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                xuelei Xue-Lei Fan
                Reporter:
                wchensunw William Chen (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Imported:
                  Indexed: