aboutsummaryrefslogtreecommitdiffstats
path: root/netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java
diff options
context:
space:
mode:
Diffstat (limited to 'netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java')
-rw-r--r--netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java26
1 files changed, 26 insertions, 0 deletions
diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java b/netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java
index ea96022..13f72e6 100644
--- a/netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java
@@ -16,6 +16,7 @@
package net.sourceforge.jnlp.runtime;
+import java.io.File;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.*;
@@ -44,6 +45,8 @@ public class JNLPPolicy extends Policy {
/** the previous policy */
private static Policy systemPolicy;
+ private final String jreExtDir;
+
/** the system level policy for jnlps */
private Policy systemJnlpPolicy = null;
@@ -57,6 +60,9 @@ public class JNLPPolicy extends Policy {
systemJnlpPolicy = getPolicyFromConfig(DeploymentConfiguration.KEY_SYSTEM_SECURITY_POLICY);
userJnlpPolicy = getPolicyFromConfig(DeploymentConfiguration.KEY_USER_SECURITY_POLICY);
+
+ String jre = System.getProperty("java.home");
+ jreExtDir = jre + File.separator + "lib" + File.separator + "ext";
}
/**
@@ -67,6 +73,10 @@ public class JNLPPolicy extends Policy {
if (source.equals(systemSource) || source.equals(shellSource))
return getAllPermissions();
+ if (isSystemJar(source)) {
+ return getAllPermissions();
+ }
+
// if we check the SecurityDesc here then keep in mind that
// code can add properties at runtime to the ResourcesDesc!
if (JNLPRuntime.getApplication() != null) {
@@ -123,6 +133,22 @@ public class JNLPPolicy extends Policy {
}
/**
+ * Returns true if the CodeSource corresponds to a system jar. That is,
+ * it's part of the JRE.
+ */
+ private boolean isSystemJar(CodeSource source) {
+ // anything in JRE/lib/ext is a system jar and has full permissions
+ String sourceProtocol = source.getLocation().getProtocol();
+ String sourcePath = source.getLocation().getPath();
+ if (sourceProtocol.toUpperCase().equals("FILE") &&
+ sourcePath.startsWith(jreExtDir)) {
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
* Constructs a delegate policy based on a config setting
* @param key a KEY_* in DeploymentConfiguration
* @return a policy based on the configuration set by the user