Java Solaris Communities Sun Store Join SDN My Profile Why Join?
» search tips 
Sun Developer Network
Developers Home > Products & Technologies > Java Technology > Community > Bug Database >
Join SDNWhy Join
 
Bug Database
Bug Detail
Quick Lists
Top 25 Bugs
Top 25 RFE's
Recently Closed Bugs
Printable Page Printable Page


Bug Database
Welcome
 
»  Login
»  Report a Bug
»  FAQs
  Bug Watch List:
» Watch this Bug
 Bug Votes:
 This bug is Closed.You cannot Vote for it.
Bug ID: 6643379
Votes 0
Synopsis Filter out insecure JVM command-line arguments from deployment.properties
Category java_plugin:plugin2
Reported Against
Release Fixed 6u10(b10)
State 11-Closed, Verified, bug
Priority: 3-Medium
Related Bugs 6607516 , 6642995 , 6644200
Submit Date 18-DEC-2007
Description 
There are some signed applets that overwrite deployment.properties to add JVM command-line arguments for various purposes, whether it is to increase the default heap size for applets or to turn on or off Java 2D acceleration properties. In the new plug-in, if there are any non-secure JVM arguments in this list, the JVM instance will not be allowed to run unsigned code.

There are some applets (see the Comments section for details) which are specifying invalid system properties. Because these aren't in the known  customer  list of secure system properties, this basically causes the new plug-in to fail to launch any untrusted code, which is unacceptable.

We need to filter out insecure JVM arguments from the list specified via deployment.properties. With the new plug-in, developers now have a workaround for this, which is to specify these arguments via the new java_arguments applet parameter.

The other option we considered (under 6629341) was to treat all of the arguments specified in deployment.properties as  customer . This does not appear to be an acceptable solution on the Windows Vista platform, where deployment.properties is in a low-integrity location. Having different treatment of arguments specified in deployment.properties on different platforms would be confusing so we are not choosing this option.
Posted Date : 2007-12-18 20:53:27.0
Work Around 
N/A
Evaluation 
Allowing specification of insecure JVM command-line arguments for all
applets via deployment.properties is very problematic. At a minimum we
would need to trust such settings, but we can not do so on the Windows
Vista platform, where deployment.properties is stored in the low
integrity directory and can be overwritten by arbitrary untrusted
ActiveX controls. We also do not want to have the handling of
deployment.properties be platform-dependent.

Changed the JVMManager to filter out non-secure JVM command-line
arguments from those specified in deployment.properties. Developers
can specify these on a per-applet basis via the java_arguments applet
parameter if necessary.
Posted Date : 2007-12-19 00:59:46.0

After implementing this solution it was pointed out that this breaks the ability to debug applets by specifying command-line arguments like -Xdebug -Xrunjdwp in the Java Control Panel. This will be fixed under 6629341.
Posted Date : 2008-01-02 03:40:29.0
Comments
  
  Include a link with my name & email   


PLEASE NOTE: JDK6 is formerly known as Project Mustang





About Sun  |  About This Site  |  Newsletters  |  Contact Us  |  Employment
How to Buy  |  Licensing  |  Terms of Use  |  Privacy  |  Trademarks
 

 
Copyright 1994-2008 Sun Microsystems, Inc.
A Sun Developer Network Site

Unless otherwise licensed, code in all technical manuals herein (including articles, FAQs, samples) is provided under this License.
 
XML Content Feeds