Mercurial > hg > release > icedtea6-1.8

changeset 2068:7c6d03b64403

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
2010-07-22 Deepak Bhole <dbhole@redhat.com> * netx/net/sourceforge/jnlp/SecurityDesc.java (getPermissions): Clean up method, and make sure sandbox permissions are always a subset of what is returned.
author doko@ubuntu.com
date Sat, 24 Jul 2010 00:53:53 +0200
parents a6cb78541643
children 6d2beb513332
files ChangeLog netx/net/sourceforge/jnlp/SecurityDesc.java
diffstat 2 files changed, 11 insertions(+), 18 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Sat Jul 24 00:52:38 2010 +0200
+++ b/ChangeLog	Sat Jul 24 00:53:53 2010 +0200
@@ -1,3 +1,9 @@
+2010-07-22  Deepak Bhole <dbhole@redhat.com>
+
+	* netx/net/sourceforge/jnlp/SecurityDesc.java (getPermissions): Clean up
+	method, and make sure sandbox permissions are always a subset of what is
+	returned.
+
 2010-07-22  Deepak Bhole <dbhole@redhat.com>
 
 	* t/net/sourceforge/jnlp/tools/JarSigner.java: Add new verifyResult enum
--- a/netx/net/sourceforge/jnlp/SecurityDesc.java	Sat Jul 24 00:52:38 2010 +0200
+++ b/netx/net/sourceforge/jnlp/SecurityDesc.java	Sat Jul 24 00:53:53 2010 +0200
@@ -146,7 +146,7 @@
         this.type = type;
         this.downloadHost = downloadHost;
     }
-
+    
     /**
      * Returns the permissions type, one of: ALL_PERMISSIONS,
      * SANDBOX_PERMISSIONS, J2EE_PERMISSIONS.
@@ -160,33 +160,20 @@
      * permissions granted depending on the security type.
      */
     public PermissionCollection getPermissions() {
-        Permissions permissions = new Permissions();
+        PermissionCollection permissions = getSandBoxPermissions();
 
-        // all
+        // discard sandbox, give all
         if (type == ALL_PERMISSIONS) {
+        	permissions = new Permissions();
             permissions.add(new AllPermission());
             return permissions;
         }
 
-        // restricted
-        if (type == SANDBOX_PERMISSIONS) {
-            for (int i=0; i < sandboxPermissions.length; i++)
-                permissions.add(sandboxPermissions[i]);
-
-            if (downloadHost != null)
-                permissions.add(new SocketPermission(downloadHost,
-                                                     "connect, accept"));
-        }
-
-        // j2ee
+        // add j2ee to sandbox if needed
         if (type == J2EE_PERMISSIONS)
             for (int i=0; i < j2eePermissions.length; i++)
                 permissions.add(j2eePermissions[i]);
 
-        if (file.isApplication())
-        	for (int i=0; i < jnlpRIAPermissions.length; i++)
-        		permissions.add(jnlpRIAPermissions[i]);
-
         return permissions;
     }