Hi security-devs,
I'd like to sponsor this patch. Would any security guys please have some
time to review this patch?
On 05/03/2012 04:26 PM, Jonathan Lu wrote:
Hello, how about just change the code like following patch by adding a
security check point before invoking the native dialog.
htt
Hello, how about just change the code like following patch by adding a
security check point before invoking the native dialog.
http://cr.openjdk.java.net/~luchsh/webrev_gtk_file_dialog/
Best regards!
- Jonathan
On 04/23/2012 06:14 PM, Jonathan Lu wrote:
Basically the existance checking of fil
Basically the existance checking of files and directory without
explicitly granted permissions do not look very friendly to me
especially for applet code from the web. This might be a helpful way for
hackers to infer OS version, user habit or software config from the
directory layout retrieved
Hello, is anybody interested in this problem?
it seems to be a generic question of how to control security access in
JNI native implementation of JDK.
And consider the behavior differences, is it neccessary to reimplement
Gtk file dialog in the same way as X dialog?
Regards
- Jonathan
On 04/
Hi awt-dev,
I found a behavior difference when open file dialog from an applet, bug
7160238 has been created for this issue.
Here's the tiny test case to helping reproduce the problem,
/*
* Copyright (c) 2012 Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRI
