JDK-8004488 : wrong permissions checked in krb5
- Type: Bug
- Component: security-libs
- Sub-Component: org.ietf.jgss:krb5
- Affected Version: 7u79,7u80,7u85,8
- Priority: P4
- Status: Closed
- Resolution: Fixed
- Submitted: 2012-12-05
- Updated: 2017-01-31
- Resolved: 2012-12-11
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 7 | JDK 8 |
|---|---|
7u80Fixed  |
8 b69Fixed |
Related Reports
|
Relates :
|
|
|
Relates :
|
Description
In JAAS, PrivateCredentialPermissions are needed to read various kinds of private credentials. For krb5, they are normally for KerberosTicket, KerberosKey and KeyTab classes. However, JDK 7 stores a special kind of sun.security.jgss.krb5.Krb5Util$KeysFromKeyTab objects which is not covered by the normal permissions.
Comments
|