changeset 2065:9257ba041f18

2010-07-22 Deepak Bhole <dbhole@redhat.com> * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java (getInstance): Collapse new loader paths into base loader. * netx/net/sourceforge/jnlp/services/ServiceUtil.java (checkAccess): Check if calling code is trusted all the way to the end. If it isn't, prompt user.
author doko@ubuntu.com
date Sat, 24 Jul 2010 00:50:12 +0200
parents 1c6ebab0ea7f
children e59670bc8db8
files ChangeLog netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java netx/net/sourceforge/jnlp/services/ServiceUtil.java
diffstat 3 files changed, 51 insertions(+), 27 deletions(-) [+]
--- a/ChangeLog	Sat Jul 24 00:49:21 2010 +0200
+++ b/ChangeLog	Sat Jul 24 00:50:12 2010 +0200
@@ -1,3 +1,11 @@
+2010-07-22  Deepak Bhole <dbhole@redhat.com>
+
+	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java (getInstance):
+	Collapse new loader paths into base loader.
+	* netx/net/sourceforge/jnlp/services/ServiceUtil.java (checkAccess): Check
+	if calling code is trusted all the way to the end. If it isn't, prompt
+	user.
+
 2010-07-21  Deepak Bhole <dbhole@redhat.com>
 
 	* netx/net/sourceforge/jnlp/resources/Messages.properties: Add new strings.
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Sat Jul 24 00:49:21 2010 +0200
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Sat Jul 24 00:50:12 2010 +0200
@@ -263,12 +263,10 @@
                 // loader is now current + ext. But we also need to think of 
                 // the baseLoader
 		        if (baseLoader != null && baseLoader != loader) {
-                    for (URL u : loader.getURLs())
-                        baseLoader.addURL(u);
-                    for (File nativeDirectory: loader.getNativeDirectories())
-                        baseLoader.addNativeDirectory(nativeDirectory);
-
-                    loader = baseLoader;
+                    for (URL u : baseLoader.getURLs())
+                        loader.addURL(u);
+                    for (File nativeDirectory: baseLoader.getNativeDirectories())
+                    	loader.addNativeDirectory(nativeDirectory);
                 } 
 
 		    } else {
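Review bot: The added loops copy `baseLoader`'s URLs and native directories into `loader`, and the `loader = baseLoader;` assignment is removed, which appears to be the reverse of the ChangeLog entry ("Collapse new loader paths into base loader"); one of the two should be corrected. Because this merges code locations across class loaders, a comment above the `if` stating the direction and the reason would help, e.g. `// copy the base loader's paths into the new loader; baseLoader itself is left unchanged`. The added line `loader.addNativeDirectory(nativeDirectory);` is indented with a tab where the neighbouring lines use spaces, and the unbraced `for` bodies would be safer with braces. getInstance starts and ends outside this hunk.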
--- a/netx/net/sourceforge/jnlp/services/ServiceUtil.java	Sat Jul 24 00:49:21 2010 +0200
+++ b/netx/net/sourceforge/jnlp/services/ServiceUtil.java	Sat Jul 24 00:50:12 2010 +0200
@@ -225,9 +225,9 @@
     }    
     
     /**
-     * Returns whether the app requesting a service is signed. If the app is
-     * unsigned, the user is prompted with a dialog asking if the action
-     * should be allowed.
+     * Returns whether the app requesting a service has the right permissions.
+     * If it doesn't, user is prompted for permissions. 
+     * 
      * @param app the application which is requesting the check. If null, the current
      * application is used.
      * @param type the type of access being requested
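Review bot: The new summary says the app "has the right permissions" without stating what is checked. Going by the loop added later in this commit, the test is whether every class on the current call stack is either from the boot classpath or has code signers. I would word it as `Returns whether every class on the calling stack is trusted (boot classpath or signed); if not, the user is prompted to allow the access.` The Javadoc block continues outside this hunk, so the `@return` text should be checked against the new behaviour as well.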
@@ -239,12 +239,37 @@
             SecurityWarningDialog.AccessType type,
     		Object... extras) {
 
-        if (app == null) {
-            app = JNLPRuntime.getApplication();
+    	if (app == null)
+    		app = JNLPRuntime.getApplication();
+
+        boolean codeTrusted = true;
+
+        StackTraceElement[] stack =  Thread.currentThread().getStackTrace();
+
+        for (int i=0; i < stack.length; i++) {
+
+        	Class c = null;
+
+        	try {
+        		c = Class.forName(stack[i].getClassName());
+        	} catch (Exception e1) {
+        		try {
+        			c = Class.forName(stack[i].getClassName(), false, app.getClassLoader());
+        		} catch (Exception e2) {
+        			System.err.println(e2.getMessage());
+        		}
+        	}
+
+            // Everything up to the desired class/method must be trusted
+            if (c == null || // class not found 
+            		( c.getProtectionDomain().getCodeSource() != null && // class is not in bootclasspath 
+            		  c.getProtectionDomain().getCodeSource().getCodeSigners() == null) // class is trusted
+            		) {
+            	codeTrusted = false;
+            }
         }
-        
-        if (app != null) {
-            if (!app.isSigned()) {
+
+        if (!codeTrusted) {
             	final SecurityWarningDialog.AccessType tmpType = type;
             	final Object[] tmpExtras = extras;
             	final ApplicationInstance tmpApp = app;
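Review bot: The trust decision in the added loop resolves each frame by name with `Class.forName(stack[i].getClassName())`, so the `Class` it inspects is whatever ServiceUtil's own loader (or `app.getClassLoader()`) returns for that name. That is not necessarily the class actually on the stack, and the one-argument `Class.forName` also initializes the class it loads. Working from the real frame classes, for example the `Class[]` from `SecurityManager.getClassContext()`, would avoid both problems. The test `getCodeSigners() == null` accepts any signed code as trusted regardless of signer, and the trailing comment `// class is trusted` sits on the untrusted condition; `// unsigned code source: not trusted` would read correctly. The body of checkAccess starts before and continues after this hunk.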
@@ -252,25 +277,18 @@
             	//We need to do this to allow proper icon loading for unsigned
             	//applets, otherwise permissions won't be granted to load icons
             	//from resources.jar.
-            	Object o = AccessController.doPrivileged(new PrivilegedAction() {
-                    public Object run() {
+            	Boolean b = AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+                    public Boolean run() {
                     	boolean b = SecurityWarningDialog.showAccessWarningDialog(tmpType,
                                 tmpApp.getJNLPFile(), tmpExtras);
-                    	return (Object) new Boolean(b);
+                    	return new Boolean(b);
                     }
                 });
-            	
-            	return ((Boolean)o).booleanValue();
-                 
-            } else if (app.isSigned()) {
 
-                //just return true here regardless if the app
-                //has signing issues -- at this point the user would've
-                //already decided to run the app anyways.
-                return true;
-            }
+            	return b.booleanValue();
         }
-        return false; //deny
+
+        return true; //allow
     }
 }
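Review bot: The fall-through result changes from `return false; //deny` to `return true; //allow`, so a call where `app` is still null after `JNLPRuntime.getApplication()` and the stack is fully trusted is now allowed where the removed code denied it. If that is intended, a comment on the final `return` should say so; otherwise keep an explicit guard such as `if (app == null) return false;` before the stack walk. In the prompt path `tmpApp.getJNLPFile()` is dereferenced without the null check that the removed `if (app != null)` provided. `return new Boolean(b);` can be `return Boolean.valueOf(b);`. The start of checkAccess is outside this hunk.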