When attempting to log in to hushmail the following error is displayed after entering your passphrase: Error authenticating with the server - java.security.AccessControlException: access denied (java.net.SocketPermission keys1.hush.com resolve) i have made a work-around by adding the following to the main java.policy file /opt/blackdown-jdk-1.4.1/jre/lib/security/java.policy diff java.policy.0 java.policy 46a47,49 > > //Socket resolve permissions for hushmail (www.hushmail.com) > permission java.net.SocketPermission "*.hush.com:","resolve"; i would assume there is a better way to do this - such as granting the priv. just to the hushmail app. But i don't think cacheing is enabled, or i just don't "get it" enough to know where it stuffs it. But if it was known - something like the following could be used: grant codeBase "file:/path/to/SomeHushFile.jar" { //will grant this rights only to Hushmail //Socket resolve permissions for hushmail (www.hushmail.com) permission java.net.SocketPermission "*.hush.com:","resolve"; }; i got some hints from: http://java.apache.org/faq/fom-serve/cache/298.html At least i can use it now - and other apps can now "resolve" things in the "*.hush.com:" domain - which doesn't strike me as a huge deal... But you never know... If there is a better way to handle this - please let me know. The remaining question is - do we modify the default just for one site? Reproducible: Always Steps to Reproduce:
I dont want this, as I know next to nothing about java security, and will prob only get to it in about 4 months (taking the other 300 bugs I have).
No, this is not something we can modify the default JDK java policy files for. But if you put a .java.policy file in your home directory with the same stuff, you will get the same results. Sorry it's not more automatic than that... but, that's something Hushmail has to cover in their app/documentation/etc. :/ Cheers
