Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4304926

PrivateCredentialPermission allows (*) principalClass with regular principalName

XMLWordPrintable

    • 1.0
    • generic
    • solaris_2.6

      PrivateCredentialPermission allows grants statements which have
      a wildcard principalClass along with a regular principalName.

      from a security point of view, this is a bad construct.
      allowing any principal with the name "foo" (from any principalClass)
      to access a private credential is not useful, and extremely risky
      from a security perspective.

      a wildcard principalClass AND wildcard principalName should be allowed.
      a regular principalClass AND wildcard principalName should be allowed.

      a wildcard principalClass AND regular principalName should NOT be allowed.

            claisunw Charlie Lai (Inactive)
            claisunw Charlie Lai (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: