-
Bug
-
Resolution: Fixed
-
P3
-
1.0
-
1.0
-
generic
-
solaris_2.6
the constructor for PrivateCredentialPermission attempts to parse
the provided permission name into a credential class and a principal name.
if the principal name has a space in it, an IllegalArgumentException
is improperly thrown.
see the provided attachment for an example program that exposes the bug.
to run the sample:
java -Djava.security.manager -Djava.security.policy=policy.all
policy.all should have:
grant {
permission java.security.AllPermission;
};
the provided permission name into a credential class and a principal name.
if the principal name has a space in it, an IllegalArgumentException
is improperly thrown.
see the provided attachment for an example program that exposes the bug.
to run the sample:
java -Djava.security.manager -Djava.security.policy=policy.all
policy.all should have:
grant {
permission java.security.AllPermission;
};