changeset 1944:e0451625a2db

Fix security permissions related to get/set property, based on specifications * plugin/icedteanp/java/sun/applet/PluginMain.java: Add some javaplugin.* properties that some applets expect. * rt/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java: Implement allowed property get/set based on specifications.
author Deepak Bhole <dbhole@redhat.com>
date Wed, 24 Feb 2010 16:59:24 -0500
parents e0792821e2e7
children 3ba35c5b6fd9
files ChangeLog plugin/icedteanp/java/sun/applet/PluginMain.java rt/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java
diffstat 3 files changed, 88 insertions(+), 11 deletions(-) [+]
--- a/ChangeLog	Wed Feb 24 21:07:59 2010 +0000
+++ b/ChangeLog	Wed Feb 24 16:59:24 2010 -0500
@@ -1,3 +1,10 @@
+2010-02-24  Deepak Bhole <dbhole@redhat.com>
+
+	* plugin/icedteanp/java/sun/applet/PluginMain.java: Add some javaplugin.*
+	properties that some applets expect.
+	* rt/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java: Implement
+	allowed property get/set based on specifications.
+
 2010-02-24 Andrew John Hughes  <ahughes@redhat.com>
 
 	* .hgignore: Severely trim the list
--- a/plugin/icedteanp/java/sun/applet/PluginMain.java	Wed Feb 24 21:07:59 2010 +0000
+++ b/plugin/icedteanp/java/sun/applet/PluginMain.java	Wed Feb 24 16:59:24 2010 -0500
@@ -189,6 +189,10 @@
 		avProps.put("file.separator.applet", "true");
 		avProps.put("path.separator.applet", "true");
 		avProps.put("line.separator.applet", "true");
+		
+		avProps.put("javaplugin.nodotversion", "160_17");
+		avProps.put("javaplugin.version", "1.6.0_17");
+		avProps.put("javaplugin.vm.options", "");
 
 		// Read in the System properties.  If something is going to be
 		// over-written, warn about it.
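Review bot: The added `javaplugin.version` and `javaplugin.nodotversion` values are hard-coded to `1.6.0_17` and `160_17`, so an applet that branches on the reported plugin version sees these strings whatever runtime is actually in use. If the fixed values are deliberate compatibility placeholders, a comment above them such as `// Fixed values some applets expect; not derived from the running JVM` would keep a later reader from treating them as authoritative. If they are meant to track the runtime, deriving them from `System.getProperty("java.version")` looks like the obvious source, though that mapping should be confirmed. The enclosing method begins and ends outside this hunk.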
--- a/rt/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java	Wed Feb 24 21:07:59 2010 +0000
+++ b/rt/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java	Wed Feb 24 16:59:24 2010 -0500
@@ -27,6 +27,7 @@
 import java.security.AccessController;
 import java.security.Permission;
 import java.security.PrivilegedAction;
+import java.util.PropertyPermission;
 
 import javax.swing.JWindow;
 
@@ -288,7 +289,7 @@
 				//Change this SocketPermission's action to connect and accept
 				//(and resolve). This is to avoid asking for connect permission 
 				//on every address resolve.
-				Permission tmpPerm;
+				Permission tmpPerm = null;
 				if (perm instanceof SocketPermission) {
 					tmpPerm = new SocketPermission(perm.getName(), 
 							SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION);
@@ -332,16 +333,81 @@
 						}
 					}
 
-				} else
-					tmpPerm = perm;
-				
-				//askPermission will only prompt the user on SocketPermission 
-				//meaning we're denying all other SecurityExceptions that may arise.
-				if (askPermission(tmpPerm)) {
-					addPermission(tmpPerm);
-					//return quietly.
+				} else if (perm instanceof PropertyPermission) {
+
+				    if (JNLPRuntime.isDebug())
+				        System.err.println("Requesting property: " + perm.toString());
+
+				    // We go by the rules here:
+				    // http://java.sun.com/docs/books/tutorial/deployment/doingMoreWithRIA/properties.html
+
+				    // Since this is security sensitive, take a conservative approach:
+				    // Allow only what is specifically allowed, and deny everything else
+
+				    // First, allow what everyone is allowed to read
+				    if (perm.getActions().equals("read")) {
+				        if (    perm.getName().equals("java.class.version") ||
+				                perm.getName().equals("java.vendor") ||
+				                perm.getName().equals("java.vendor.url")  ||
+				                perm.getName().equals("java.version") ||
+				                perm.getName().equals("os.name") ||
+				                perm.getName().equals("os.arch") ||
+				                perm.getName().equals("os.version") ||
+				                perm.getName().equals("file.separator") ||
+				                perm.getName().equals("path.separator") ||
+				                perm.getName().equals("line.separator") ||
+				                perm.getName().startsWith("javaplugin.")
+				            ) {
+				            return;
+				        }
+				    }
+
+				    // Next, allow what only JNLP apps can do
+				    if (getApplication().getJNLPFile().isApplication()) {
+				        if (    perm.getName().equals("awt.useSystemAAFontSettings") ||
+				                perm.getName().equals("http.agent") ||
+				                perm.getName().equals("http.keepAlive") ||
+				                perm.getName().equals("java.awt.syncLWRequests") ||
+				                perm.getName().equals("java.awt.Window.locationByPlatform") ||
+				                perm.getName().equals("javaws.cfg.jauthenticator") ||
+				                perm.getName().equals("javax.swing.defaultlf") ||
+				                perm.getName().equals("sun.awt.noerasebackground") ||
+				                perm.getName().equals("sun.awt.erasebackgroundonresize") ||
+				                perm.getName().equals("sun.java2d.d3d") ||
+				                perm.getName().equals("sun.java2d.dpiaware") ||
+				                perm.getName().equals("sun.java2d.noddraw") ||
+				                perm.getName().equals("sun.java2d.opengl") ||
+				                perm.getName().equals("swing.boldMetal") ||
+				                perm.getName().equals("swing.metalTheme") ||
+				                perm.getName().equals("swing.noxp") ||
+				                perm.getName().equals("swing.useSystemFontSettings")
+				        ) {
+				            return; // JNLP apps can read and write to these
+				        }
+				    }
+
+				    // Next, allow access to customizable properties 
+				    if (perm.getName().startsWith("jnlp.") || 
+				        perm.getName().startsWith("javaws.")) {
+				        return;
+				    }
+
+				    // Everything else is denied
+				    throw se;
+
 				} else {
-					throw se;
+				    tmpPerm = perm;
+				}
+
+				if (tmpPerm != null) {
+				    //askPermission will only prompt the user on SocketPermission 
+				    //meaning we're denying all other SecurityExceptions that may arise.
+				    if (askPermission(tmpPerm)) {
+				        addPermission(tmpPerm);
+				        //return quietly.
+				    } else {
+				        throw se;
+				    }
 				}
 			}
         }
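Review bot: The final prefix check (`startsWith("jnlp.") || startsWith("javaws.")`) returns without consulting `perm.getActions()` or `isApplication()`, so it admits both read and write for every caller that reaches it. That makes the `javaws.cfg.jauthenticator` entry in the JNLP-application list redundant, because a non-application caller still passes for that name through the `javaws.` prefix. If the list is meant to restrict that property to JNLP applications, exclude it from the prefix rule, for example `if (perm.getName().startsWith("jnlp.") || (perm.getName().startsWith("javaws.") && !perm.getName().equals("javaws.cfg.jauthenticator"))) {`; otherwise a comment such as `// jnlp.* and javaws.* may be read and written by applets and applications alike` would record the intent. `getApplication()` is also dereferenced without a null check, which could presumably surface as a NullPointerException instead of `se` when no application is associated with the caller; worth confirming. The enclosing method begins outside this hunk.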
@@ -352,7 +418,7 @@
             throw ex;
         }
     }
-    
+
     /**
      * Asks the user whether or not to grant permission.
      * @param perm the permission to be granted