Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8025830

Granting "all permission" in the policy file causes a signed applet to be treated as unsigned

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P2
    • Resolution: Incomplete
    • Affects Version/s: 7u40
    • Fix Version/s: None
    • Component/s: deploy
    • Labels:
      None
    • Subcomponent:
    • Introduced In Version:

      Description

      Reported by a customer via Milton Smith

      1- Create a signed Applet and an unsigned Applet
      2- Run the Applets on 7u40
      3- Test applets to confirm signed runs smoothly, without any warnings, and unsigned with warnings
      4- Modify java.policy and set grant to AllPermission
      5- Run applets again to confirm the unsigned runs ok, and signed does not run as expected (Trust-Library)

      Customer points to the class “sun.plugin2.applet.Plugin2ClassLoader”, method “getTrustedCodeSources” as where the failure might be.

      ROUGH TRANSLATION (for attached flowchart)
      "Início" - Start
      "Obter permissões da aplicação" - get application permissions
      "Aplicação tem AllPermission ou 'usePolicy'" - Application has AllPermission or usePolicy
      "Sim" / "Não" - Yes/No
      "Obter permissões do sandbox" - get sandbox permissions
      "Aplicação tem mais permissão que o sandbox?" - Does application requires more permission than sandbox?
      "Não confiável" - not trusted

        Attachments

          Activity

            People

            • Assignee:
              dcherepanov Dmitry Cherepanov
              Reporter:
              jmcglynn Joe Mcglynn (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: