Ticket #37 (closed task: fixed)

Opened 2 years ago

Last modified 2 years ago

Make sure applet in a FireFox Extension can read files and network

Reported by: sthiel Assigned to: sthiel
Priority: blocker Milestone: milestone2
Component: Deployment Version:
Keywords: Cc:
Super-ticket: Reviewer:
Minutes Spent: 120

Description

Do I have permission, being an applet off of file:///? Can I give myself permission since I can run inside XUL as privileged? This is really important, and is the next show stopper item, hence I'm leaving it in milestone2, although I should only be sticking things in milestone3 now.

Change History

04/24/07 16:08:57 changed by sthiel

  • status changed from new to closed.
  • resolution set to fixed.

By simply signing an applet, the browser will request permission to trust the applet. Trusted applets will run under the system security policy, which grants them a whole lot of freedom. We can do everything, it appears (possibly in part because it's running off the local disk).

Properly signing the applet will make it look more authentic and stuff, but I'm not sure to what lengths we'll need to go to for that. I've got some signed certs that I may try to apply, just to see. The thing is, I don't know what mechanism it uses to verify against the common name. Perhaps it just says something like, verified as signed by the following CN (for which I have certs for mail.htmlweb.com and www.dsrg.org). I've never looked into this in this way, so my suppositions may end up being silly. I'll look at this several milestones down the road.

04/24/07 16:13:28 changed by sthiel

  • minutes_worked set to 120.

Tagging time spent on this.

-Also, the results are just a test applet that runs through the test xpi (firefox extension). It tried to open a FileChooserDialogue? of sorts.