NetX Improvements

Finally my own blog :) (thank lillian)

My latest bit of work with IcedTea and NetX was pushed into the IcedTea repo last night. While it’s not totally complete (yet), a large part of javaws security has been implemented. Let’s take a look…

Running a signed application always shows a dialog now, regardless if the code verification was successful or not. In this case, it shows that JDiskReport has an expired certificate.

netx-1.jpg

Clicking on the More information button shows the details:

netx-2.jpg

… and clicking on the Certificate Details button shows the info from the certificate used in signing:
Note that “Karsten Lentzsch” is the publisher of the software and “Thawte Server CA” is the 3rd party that did the signing.
netx-3.jpg

In the case that an application is self signed, only one certificate is shown:

netx-4.jpg

Should an application be unsigned, permission for security-sensitive operations are requested from the user, as shown in the Notepad application:

netx-5.jpg

Right now only file-open, file-save, clipboard-read and clipboard-write are available as jnlp services. The rest should be coming hopefully soon :-).

About these ads

4 Responses to NetX Improvements

  1. Lillian says:

    Awesome! Great work!

  2. DDd says:

    prompting the user to make complicated security decisions is always an interesting problem! You should make sure that the admin can switch off the “continue anyway” gui for the clueless.

    I have a fun persona for modelling this situation: the end user who always makes the wrong security decision when prompted by the system ;)

  3. […] This release of IcedTea also includes new features added to NetX. – Signed applications display a dialog asking permission to run, with additional signing information and certificate details. – Implemented JNLP services: File read and write, Clipboard read and write. – Unsigned applications must now get permission from the user before the above JNLP services function. Check out the screenshots. […]

  4. sisi says:

    thx for your great work !
    (also all the IcedTea and OpenJDK ppl ;) )

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: