See the analysis of this issue by Chris Hegarty on the OpenJDK networking list:
http://mail.openjdk.java.net/pipermail/net-dev/2011-May/003148.html
--Sean
On 5/12/11 6:36 PM, Brad Wetmore wrote:
On 5/12/2011 10:49 AM, Omair Majid wrote:
Hi,
Deepak Bhole posted this bug on the openjdk bugzilla a little while ago,
but it seems to have fallen through the cracks:
https://bugs.openjdk.java.net/show_bug.cgi?id=100142
Yes it did. That was about a year ago.
http://mail.openjdk.java.net/pipermail/security-dev/2010-April/001818.html
Sean, this should be assigned to network folks, right? They handle the protocol
stuff. I've reassigned for now, set the sponsor flag to "?" as described in:
http://openjdk.java.net/contribute/
and filed:
7044443: Permissions resolved incorrectly for jar protocol (Patch from
bugs.openjdk.java.net)
I'll ask them to assess.
Brad
