United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
JDK-8019425 : Local Security Policy: Any "run" rule must have at least one application qualifier

Details
Type:
Enhancement
Submit Date:
2013-06-28
Status:
Resolved
Updated Date:
2014-02-12
Project Name:
JDK
Resolved Date:
2013-07-13
Component:
deploy
OS:
Sub-Component:
plugin
CPU:
Priority:
P2
Resolution:
Fixed
Affected Versions:
7u40
Fixed Versions:
7u40 (b34)

Related Reports
Backport:
Backport:
Backport:
Backport:
Relates:

Sub Tasks

Description
Any rule with "run" as the target MUST have at least one application qualifier.  Name, Location, Signature or Checksum.  If it doesn't have one of these then the rule is invalid, and hence the file is invalid and we should treat it as such.
                                    

Comments
With 7u40 nightly #23, confirmed that rule without any application quantifier will be treated as "Invalid (run everything) rule in Local Security Policy file".

However, location ="*" still works as before. Policy looks like below:
==========

<policy>
  <rule>
     <id location="*" />
     <action permission="run"/>
  </rule>

<!-- block everything else -->
  <rule>
     <id/>
     <action permission="block">
		<message>we don't want to run anything else</message>
		</action>
  </rule>
</policy>
=============

Anyway, SQE is still going to allow this very bug to be fixed. Will file a new bug to track remaining issues.
                                     
2013-07-11
SQE-OK to get this issue fixed in 7u40.
                                     
2013-07-11



Hardware and Software, Engineered to Work Together