-
Bug
-
Resolution: Won't Fix
-
P4
-
None
-
6, 7
-
generic, x86
-
generic, linux
FULL PRODUCT VERSION :
java version "1.6.0"
Java(TM) SE Runtime Environment (build 1.6.0-b105)
Java HotSpot(TM) Client VM (build 1.6.0-b105, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Linux coco-laptop 2.6.17-10-generic #2 SMP Tue Dec 5 22:28:26 UTC 2006 i686 GNU/Linux
A DESCRIPTION OF THE PROBLEM :
Similar to bug id 6500211 with the preferences permission, the LoggingPermission "control" may be too restrictive to fulfill its intended purpose.
The problem is in that it's possible to use some Handler that writes to a user-chosen file, or to a server, or to a JNLP muffin or a cookie, and then use this while running a Web Start app or an Applet in the sandbox. However the given permission will not allow this implementation: the permission is checked early and applies globally, so even though an implementation that works within the sandbox may exist, the permission prevents its usage.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
While running a JNLP application in the sandbox, get a file chosen by the user from the JNLP FileSaveService, and then attempt to configure a StreamHandler to write to this file: the attempt will fail due to the security restriction, even though it is permitted to write to this file from this application at this time.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
It would be better if the permission-checking were to depend on more underlying root permissions such as the FilePermissions.
ACTUAL -
No logging configuration is allowed whatsoever from the sandbox.
REPRODUCIBILITY :
This bug can be reproduced always.
CUSTOMER SUBMITTED WORKAROUND :
None. You must somehow be able to obtain AllPermission, or else roll your own logger.
java version "1.6.0"
Java(TM) SE Runtime Environment (build 1.6.0-b105)
Java HotSpot(TM) Client VM (build 1.6.0-b105, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Linux coco-laptop 2.6.17-10-generic #2 SMP Tue Dec 5 22:28:26 UTC 2006 i686 GNU/Linux
A DESCRIPTION OF THE PROBLEM :
Similar to bug id 6500211 with the preferences permission, the LoggingPermission "control" may be too restrictive to fulfill its intended purpose.
The problem is in that it's possible to use some Handler that writes to a user-chosen file, or to a server, or to a JNLP muffin or a cookie, and then use this while running a Web Start app or an Applet in the sandbox. However the given permission will not allow this implementation: the permission is checked early and applies globally, so even though an implementation that works within the sandbox may exist, the permission prevents its usage.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
While running a JNLP application in the sandbox, get a file chosen by the user from the JNLP FileSaveService, and then attempt to configure a StreamHandler to write to this file: the attempt will fail due to the security restriction, even though it is permitted to write to this file from this application at this time.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
It would be better if the permission-checking were to depend on more underlying root permissions such as the FilePermissions.
ACTUAL -
No logging configuration is allowed whatsoever from the sandbox.
REPRODUCIBILITY :
This bug can be reproduced always.
CUSTOMER SUBMITTED WORKAROUND :
None. You must somehow be able to obtain AllPermission, or else roll your own logger.