aboutsummaryrefslogtreecommitdiffstats
path: root/plugin/icedteanp
diff options
context:
space:
mode:
authorOmair Majid <[email protected]>2010-11-24 14:15:11 -0500
committerOmair Majid <[email protected]>2010-11-24 14:15:11 -0500
commit734d3800792d3b1825eb3101227eae519311871e (patch)
tree5deb277c81fd7f719ae7bee19f195455665f6c43 /plugin/icedteanp
parent5ce4fedba27f4160ed7d1979478886c6546d382c (diff)
CVE-2010-3860 IcedTea System property information leak via public static
2010-11-24 Omair Majid <[email protected]> * netx/net/sourceforge/jnlp/runtime/Boot.java: Remove basedir option. Add NETX_ABOUT_FILE. (run): Remove call to JNLPRuntime.setBaseDir. (getAboutFile): Use the constant in this file, not JNLPRuntime. (getBaseDir): Remove obsolete method. * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: Remove baseDir, USER, HOME_DIR, NETXRC_FILE, NETX_DIR, SECURITY_DIR, CERTFICIATES_FILE, JAVA_HOME_DIR, NETX_ABOUT_FILE. (initialize): Do not set baseDir. (getBaseDir): Remove method. (setBaseDir): Likewise. (getDefaultBaseDir): Likewise. (getProperties): Likewise. * netx/net/sourceforge/jnlp/security/SecurityUtil.java (getTrustedCertsFilename): Delegate to KeyStores.getKeyStoreLocation. * plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java (PluginAppletSecurityContext): Remove call to obsolete method.
Diffstat (limited to 'plugin/icedteanp')
-rw-r--r--plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java5
1 files changed, 0 insertions, 5 deletions
diff --git a/plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java b/plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java
index bef2bd8..eb68371 100644
--- a/plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java
+++ b/plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java
@@ -250,11 +250,6 @@ public class PluginAppletSecurityContext {
public PluginAppletSecurityContext(int identifier) {
this.identifier = identifier;
-
- // also, override the basedir, use a different one for the plugin
- File f = new File(System.getProperty("user.home") + "/.icedteaplugin/");
- f.mkdir();
- JNLPRuntime.setBaseDir(f);
// We need a security manager.. and since there is a good chance that
// an applet will be loaded at some point, we should make it the SM