NetX Improvements

Finally my own blog :) (thank lillian)

My latest bit of work with IcedTea and NetX was pushed into the IcedTea repo last night. While it’s not totally complete (yet), a large part of javaws security has been implemented. Let’s take a look…

Running a signed application always shows a dialog now, regardless if the code verification was successful or not. In this case, it shows that JDiskReport has an expired certificate.


Clicking on the More information button shows the details:


… and clicking on the Certificate Details button shows the info from the certificate used in signing:
Note that “Karsten Lentzsch” is the publisher of the software and “Thawte Server CA” is the 3rd party that did the signing.

In the case that an application is self signed, only one certificate is shown:


Should an application be unsigned, permission for security-sensitive operations are requested from the user, as shown in the Notepad application:


Right now only file-open, file-save, clipboard-read and clipboard-write are available as jnlp services. The rest should be coming hopefully soon :-).

4 Responses to NetX Improvements

  1. Lillian says:

    Awesome! Great work!

  2. DDd says:

    prompting the user to make complicated security decisions is always an interesting problem! You should make sure that the admin can switch off the “continue anyway” gui for the clueless.

    I have a fun persona for modelling this situation: the end user who always makes the wrong security decision when prompted by the system ;)

  3. […] This release of IcedTea also includes new features added to NetX. – Signed applications display a dialog asking permission to run, with additional signing information and certificate details. – Implemented JNLP services: File read and write, Clipboard read and write. – Unsigned applications must now get permission from the user before the above JNLP services function. Check out the screenshots. […]

  4. sisi says:

    thx for your great work !
    (also all the IcedTea and OpenJDK ppl ;) )

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Get every new post delivered to your Inbox.

%d bloggers like this: