JDK-5018024 : signed applet does not allow access to file system
  • Type: Bug
  • Component: deploy
  • Sub-Component: plugin
  • Affected Version: 1.4.2
  • Priority: P4
  • Status: Closed
  • Resolution: Duplicate
  • OS: windows_2000,windows_xp
  • CPU: x86
  • Submitted: 2004-03-22
  • Updated: 2004-03-22
  • Resolved: 2004-03-22
Related Reports
Duplicate :  
Description

Name: gm110360			Date: 03/22/2004


FULL PRODUCT VERSION :
java version "1.4.2_04"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_04-b05)
Java HotSpot(TM) Client VM (build 1.4.2_04-b05, mixed mode)

ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows XP [Version 5.1.2600]

A DESCRIPTION OF THE PROBLEM :
An applet that is signed by a certifcate issued by Verisign cannot run an executable off the file system. This was working in 1.4.2 and 1.3.1_08, but fails in 1.4.2_04. The exception that occurs is

java.security.AccessControlException: access denied (java.io.FilePermission <<ALL FILES>> execute)

	at java.security.AccessControlContext.checkPermission(Unknown Source)

	at java.security.AccessController.checkPermission(Unknown Source)

	at java.lang.SecurityManager.checkPermission(Unknown Source)

	at java.lang.SecurityManager.checkExec(Unknown Source)

	at java.lang.Runtime.exec(Unknown Source)

	at java.lang.Runtime.exec(Unknown Source)

	at java.lang.Runtime.exec(Unknown Source)

	at java.lang.Runtime.exec(Unknown Source)

	at edu.nebraska.foundation.applets.AccessApplet.openNewSession(AccessApplet.java:35)

	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

	at java.lang.reflect.Method.invoke(Unknown Source)

	at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)

	at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)

	at sun.plugin.com.DispatchImpl$2.run(Unknown Source)

	at java.security.AccessController.doPrivileged(Native Method)

	at sun.plugin.com.DispatchImpl.invoke(Unknown Source)

java.lang.Exception: java.security.AccessControlException: access denied (java.io.FilePermission <<ALL FILES>> execute)

	at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)

	at sun.plugin.com.DispatchImpl$2.run(Unknown Source)

	at java.security.AccessController.doPrivileged(Native Method)

	at sun.plugin.com.DispatchImpl.invoke(Unknown Source)



STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Load a signed applet in an html page that tried to execute iexplore.exe and it will generate the error.

EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
It should execute the file without an access error.
ACTUAL -
an exception is thrown saying that there is an access error.

ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.security.AccessControlException: access denied (java.io.FilePermission <<ALL FILES>> execute)

	at java.security.AccessControlContext.checkPermission(Unknown Source)

	at java.security.AccessController.checkPermission(Unknown Source)

	at java.lang.SecurityManager.checkPermission(Unknown Source)

	at java.lang.SecurityManager.checkExec(Unknown Source)

	at java.lang.Runtime.exec(Unknown Source)

	at java.lang.Runtime.exec(Unknown Source)

	at java.lang.Runtime.exec(Unknown Source)

	at java.lang.Runtime.exec(Unknown Source)

	at edu.nebraska.foundation.applets.AccessApplet.openNewSession(AccessApplet.java:35)

	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

	at java.lang.reflect.Method.invoke(Unknown Source)

	at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)

	at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)

	at sun.plugin.com.DispatchImpl$2.run(Unknown Source)

	at java.security.AccessController.doPrivileged(Native Method)

	at sun.plugin.com.DispatchImpl.invoke(Unknown Source)

java.lang.Exception: java.security.AccessControlException: access denied (java.io.FilePermission <<ALL FILES>> execute)

	at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)

	at sun.plugin.com.DispatchImpl$2.run(Unknown Source)

	at java.security.AccessController.doPrivileged(Native Method)

	at sun.plugin.com.DispatchImpl.invoke(Unknown Source)



REPRODUCIBILITY :
This bug can be reproduced always.

---------- BEGIN SOURCE ----------
public class TestAccessApplet extends JApplet {

	public void openNewSession(
		final String URL) {
		if (URL != null) {
			try {
				Runtime.getRuntime().exec(
					"iexplore " + URL);
			}
			catch (IOException ioe) {
				System.out.println(ioe.getMessage());
				ioe.printStackTrace();
			}
		}
	}
}

---------- END SOURCE ----------

CUSTOMER SUBMITTED WORKAROUND :
Go back to previous jvm.
(Incident Review ID: 243950) 
======================================================================