The new out-of-process Java Plug-In solves many longstanding problems with signed applet support on Windows Vista. However, there are a couple of outstanding issues with the user experience of the new plugin.
1. We need to add an ElevationPolicy registry entry for javaw.exe during installation of the JRE as per http://msdn2.microsoft.com/en-us/library/bb250462.aspx to suppress the security dialog which is presented when launching the medium integrity sub-process which executes the applet.
2. We need to either diagnose why the shared memory transport fails to allow mapping of the file in the medium integrity client process, or implement a transport using named pipes, to work around the Windows Firewall security dialog presented while opening up the port to allow connection of the client and server processes.
After discussion with Microsoft it is clear that more changes are necessary:
3. We need to write a custom broker process rather than registering javaw.exe as a silently elevated broker process. The new broker needs to validate command line arguments, for example disallowing pointing the classpath or boot classpath into the LocalLow directory.
4. The broker process must clear out the JAVA_ARGS environment variable to prevent setting command-line arguments in this manner.
5. The broker process will pass the command-line arguments up to the Java level for consumption by our code via the sun.plugin2.jvm.args system property. It must be forbidden by the launcher as well as via the JVMParameters to set this property.