0

I have a self-signed applet which gets full permissions when the user accepts the certificate. My applet only needs socket (connect/resolve) permissions. Is there any way to specify this so the user doesn't get a warning saying "this app will have full permissions, and can access your webcam/mic etc".. but instead just gets a warning saying this application will have socket permissions?

I know the user can manually allow this by editing their policy file.. but can't webstart/jnlp ask the user for specific permissions, rather than just all permissions?

Roman C
amax
  • if you scroll with mouse down, on the right side you can see related topics, maybe there is/are your answer(s) directly – mKorbel Jun 20 '11 at 00:47
  • I don't think so. Netalyzr is a "properly" signed app that asks for all permissions despite it only needing socket permissions (and I'm sure the authors would rather give it restricted permissions where possible); however over 90% of people click "yes". It doesn't help that the dialog usually suggests that clicking "no" stops it from running entirely. – tc. Jun 20 '11 at 01:17

2 Answers

3

..can't webstart/jnlp ask the user for specific permissions, rather than just all permissions?

No. JWS offers just one more security level besides trusted/all-permissions & sand-boxed. That security level is j2ee-application-client-permissions. JACP provides some more permissions than sand-boxed, I'm not sure if it includes socket permissions.

Andrew Thompson
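The security levels named in the answer above, shown as an added example of a JNLP applet descriptor (not code from the question or from either answerer). The codebase, jar, class and host names are hypothetical placeholders; the policy grant in the closing comment is the manual per-user alternative the question mentions.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Constructed example: all names and URLs below are placeholders. -->
<jnlp spec="1.0+" codebase="https://applet.example.org/" href="client.jnlp">
  <information>
    <title>Socket client (constructed example)</title>
    <vendor>Example vendor</vendor>
  </information>

  <!--
    The security element is the only place a descriptor can request
    permissions, and it has exactly three states:

    1. Element omitted: sandbox. The applet may only open connections
       back to the host it was loaded from.

    2. <security><j2ee-application-client-permissions/></security>
       The fixed J2EE application client permission set. Jars must be signed.

    3. <security><all-permissions/></security>
       Full access to the user's machine. Jars must be signed.

    There is no child element for requesting a single permission such as
    java.net.SocketPermission, so the descriptor cannot narrow the request.
  -->
  <security>
    <all-permissions/>
  </security>

  <resources>
    <j2se version="1.6+"/>
    <jar href="client.jar" main="true"/>
  </resources>

  <applet-desc name="SocketClient"
               main-class="org.example.SocketClientApplet"
               width="400" height="300"/>
</jnlp>

<!--
  Manual alternative, applied per user outside the descriptor: keep the
  applet sandboxed (no security element) and add a grant to the user's
  Java policy file. Host and port are placeholders.

  grant codeBase "https://applet.example.org/-" {
      permission java.net.SocketPermission "data.example.net:4000", "connect,resolve";
  };
-->
```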
0

I can't imagine the average user would know what socket permissions meant, let alone the implications of granting it.

There is no limited privilege model for applets (other than the rather odd "J2EE client" when using JNLP applets, but that's about enforcing standards conformance rather than security). The Netscape model did allow selected permissions, but that approach was a failure.

Why do you need to contact a non-same origin server? Could you not use (logged) port forwarding? Or over http and use the limited crossdomain.xml support?

Tom Hawtin - tackline