Details
-
Bug
-
Resolution: Won't Fix
-
P3
-
5.0, 5.0u10
-
None
-
x86, sparc
-
solaris, solaris_10
Description
To be compatible with JDK 1.1, identitydb.obj in user.home directory are seen as trusted keystore. Therefore jars that are signed by keys from it are granted full permission. JDK 5.0u10 build 02 does not behave that way. It does not grant the classes full permission.
This only happens on solaris sparc platform. There's a security SQE tests for this: signedjar/signedjar_test8. The result logs are under:
/net/sqe/global/nfs/sec/status/amy_test_result/solaris-signedjar_test8
We have modified Run.sh in the result directory so that you can directly run it.
To reproduce the bug, please:
1. Log on to solaris sparc machine.
2. Change to the result directory mentioned above.
3. ksh Run.sh to run the test.
4. Edit Run.sh to use other jdk promotion build.
5. ksh Run.sh to run the test & compare the difference from the first run.
Java source files are under testJarSource. There are also some scripts for generating keys, certs & signed jars there.
This only happens on solaris sparc platform. There's a security SQE tests for this: signedjar/signedjar_test8. The result logs are under:
/net/sqe/global/nfs/sec/status/amy_test_result/solaris-signedjar_test8
We have modified Run.sh in the result directory so that you can directly run it.
To reproduce the bug, please:
1. Log on to solaris sparc machine.
2. Change to the result directory mentioned above.
3. ksh Run.sh to run the test.
4. Edit Run.sh to use other jdk promotion build.
5. ksh Run.sh to run the test & compare the difference from the first run.
Java source files are under testJarSource. There are also some scripts for generating keys, certs & signed jars there.
Attachments
Issue Links
- duplicates
-
-
- Closed
-