Ignore signing, no permissions wanted

Similar Messages

• HT201328 Welcome to After I IPHONE 4 black and I want to open internationally so when you want to update the lock and leave me a sign I just want to open an apple and I have developed from my Mac in Saudi Arabia&

  Welcome to After I IPHONE 4 black and I want to open internationally so when you want to update the lock and leave me a sign I just want to open an apple and I have developed from my Mac in Saudi Arabia& the
  <Edited by Host>

  If you want to unlock an iPhone you must contact the carrier it is locked to.
  You are not communicating with Apple in these forums; we are just other users.

• I keep getting an error when signing in, it wants me to start a trial, but i have purchased the product already?

  I keep getting an error when signing in, it wants me to start a trial, but i have purchased the product already?

  If you purchased a serial number, then click on "License this Product". You will be asked to sign in with your Adobe ID/password and you will be asked for a serial number, or you might click on "I have a serial number".  Once you enter the serial number, it should be properly activated as a permanent license.
  Gene

• Firefox's pdf.js completely ignores PDF document permissions.

  Firefox's new JavaScript PDF Viewer pdf.js is really a disaster.
  It completely ignores PDF document permissions set by Acrobat Professional and so on.
  With Firefox's pdf.js people can freely print any PDF and copy the texts and images.
  This was reported as a bug in bugzilla@mozilla but it seems that it is going to be fixed soon.
  Bug 792816 - pdf.js doesn't respect document permissions
  https://bugzilla.mozilla.org/show_bug.cgi?id=792816
  Bug 845302 - Firefox 19.0 pdf viewer ignores pdf encryption
  https://bugzilla.mozilla.org/show_bug.cgi?id=845302
  Does nobody in Adobe voice one's disagreement about this?

  This isn't a new issue - most of the third-party PDF reading applications have been ignoring the permissions headers in a PDF for years, and some claim it's perfectly valid for a user to be able to override password-based restrictions on copying/printing under 'fair use'. Adobe disagrees, as do I, but the nature of the PDF document structure means that it's trivial for any application to ignore those restrictions. You certainly don't need the password. Acrobat warns you the first time you use the Protection tools that  Adobe always respects the permissions you set even if other vendors choose not to.
  As has been said many times; the only way to truly secure the content of a PDF file against printing or copying is to use LiveCycle digital rights management, as that forces the PDF to be opened in Adobe software and nothing else. If you cannot afford LCDRM, you have to accept that your 'secured' PDFs are anything but.

• Exchange User Integration Pack ignores signed email

  Hi,
  I'm using SCORCH 2012 R2 /w the Exchange IP. It seems to ignore signed email.
  Steps to repro:
  Create a runbook with a single 'Get Items' activity. Configure the activity to check a subfolder of an arbitrary exchange account.
  Place a signed message in the subfolder via Outlook.
  Place an unsigned message in the subfolder via Outlook.
  Enable logging on the runbook.
  Run the runbook.
  Expected behavior:
  The runbook logs will show that Get Items returns two email objects.
  Actual behavior:
  The runbook logs show that Get Items only discovers the unsigned email.
  Other Information:
  The signed message is signed with a certificate generated by our enterprise PKI. The Scorch server trusts the root and intermediate CA's.
  Is there a way to make this work, so I don't have to resort to a different and more complicated approach?
  Thanks!
  John

  Is it working with iOS or Android or WP?
  Cheers,
  Gulab Prasad
  Technology Consultant
  Blog:
  http://www.exchangeranger.com    Twitter:
    LinkedIn:
     Check out CodeTwo’s tools for Exchange admins
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Lost with signed applet permissions

  Hi all,
  We need to deploy a very simple applet which sole role is to connect to a domain other than mother to send and get some data. We have a certificate from Verisign and have signed the applet. So far so good. The applet is compiled and signed with the jdk 1.3.1_12. With the JRE 1.3.1_x, it works just fine. If the jre 1.4.2_x is installed however, the connection doesn't happen and we receive a permission denied exception instead:
  java.security.AccessControlException: access denied (java.net.SocketPermission xxxxx resolve)
  With jre 1.4.2, when the applet loads, we do see the security prompt, but we get the permission denied exception even if we specifically choose to trust the applet. I thought this step would automatically grant all priviledges?
  So I don't know what to do from here. How can the applet request for the correct permission in jre 1.4.2_x? I looked around and found some information about policy files but I'm at a loss at how to use that, we have no control as to who will see the applet so I don't think we can ask all to update their policy file first.
  What we want to have is for our users to grant priviledge at the security prompt and not worry about anything else, even with jre1.4. Can it be done?
  Any help would be much appreciated.
  Tim.

  Apologies, I think this post would have been more suited for the sigend applet forum. I have reposted there, please ignore the post in this forum.

• HT4314 I signed my iPod out but when I sign in it wants an apple ID but signs me in to my iPhone account, help!!!

  All iPhones/iPods are signed to the same appleID. I have tried to log my iPods game centre account in but only wants the apple ID, yet when I sign the apple ID in it signs my iPod into my iPhones game centre account which is the problem!!!! My iPhones game centre is different to my iPods but I don't want that account on my iPod as already have one on my iPod, but it won't log me in. I know the username and password for them both but every time I want to sign in it asks me for my apple ID and signs me in to my iPhones account.

  - Maybe the troubleshoting here:
  iOS: Using Game Center
  Game Center nickname password question:: Apple Support Communities
  Multiple game center accounts for...: Apple Support Communities

• Does Java Plug-in Ignore java.policy Permissions?

  I am running Firefox 3.6.12 on Ubuntu Karmic with Java plug-in 1.6.0_22. I'm trying to run an Aventail OnDemand applet, and I keep getting I/O file-reading permissions exceptions in the Java console. I tried granting the permission in /usr/lib/jvm/java-6-sun-1.6.0.22/jre/lib/security/java.policy, but that was apparently ignored. Any help would be greatly appreciated.

  I think the java plugin uses C:\Program Files\Java\j2re1.4.2_04\lib\security\cacerts as a store to get keys.
  The password of this file is changeit and you can use keytool to import keys.
  I found contradicting information about what can be imported but if you have a p12 file (Mozilla convention for PKCS12) you can import it with java control panel:
  C:\Program Files\Java\j2re1.4.2_04\bin\jpicpl32.exe
  After imported a cert with control panel it was put in a file located here
  C:\Documents and Settings\sbaker\Application Data\Sun\Java\Deployment\security\
  Importing with the control panel makes a user specific import and importing with keytool in C:\Program Files\Java\j2re1.4.2_04\lib\security\cacerts (password is changeit) makes it machine specific.

• Lost with granting signed applet permissions

  Hi all,
  My apologies for the cross post, I have incorrectly sent this post to the jre forum but I think it is more specific to the signed aplpet forum..
  We need to deploy a very simple applet which sole role is to connect to a domain other than mother to send and get some data. We have a certificate from Verisign and have signed the applet. So far so good. The applet is compiled and signed with the jdk 1.3.1_12. With the JRE 1.3.1_x, it works just fine. If the jre 1.4.2_x is installed however, the connection doesn't happen and we receive a permission denied exception instead:
  java.security.AccessControlException: access denied (java.net.SocketPermission xxxxx resolve)
  With jre 1.4.2, when the applet loads, we do see the security prompt, but we get the permission denied exception even if we specifically choose to trust the applet. I thought this step would automatically grant all priviledges?
  So I don't know what to do from here. How can the applet request for the correct permission in jre 1.4.2_x? I looked around and found some information about policy files but I'm at a loss at how to use that, we have no control as to who will see the applet so I don't think we can ask all to update their policy file first.
  What we want to have is for our users to grant priviledge at the security prompt and not worry about anything else, even with jre1.4. Can it be done?
  Any help would be much appreciated.
  Tim.

  If the above information doesn't help you a full trace might come in handy:
  To turn the full trace on (windows) you can start the java console, to be found here:
  C:\Program Files\Java\j2re1.4...\bin\jpicpl32.exe
  In the advanced tab you can fill in something for runtime parameters fill in this:
  -Djavaplugin.trace=true -Djavaplugin.trace.option=basic|net|security|ext|liveconnect
  if you cannot start the java console check here:
  C:\Documents and Settings\userName\Application Data\Sun\Java\Deployment\deployment.properties
  add or change the following line:
  javaplugin.jre.params=-Djavaplugin.trace\=true -Djavaplugin.trace.option\=basic|net|security|ext|liveconnect
  The trace is here:
  C:\Documents and Settings\your user\Application Data\Sun\Java\Deployment\log\plugin...log

• Applet ignore sign

  I have created an applet and signed it. Everything was greate until today. Suddenly when I try to sign new applets I get a message saying that the applet was signed, but when I execute it I see that it is not signed (I have checked that the expiration date hasn't passed yet).
  I tried to create a new signature this way:
  keytool -genkey -alias tkn8 -keystore tkn8 -validity 9000
  Enter keystore password: q12345
  What is your first and last name?
  [Unknown]: Tkn8
  What is the name of your organizational unit?
  [Unknown]: Computers
  What is the name of your organization?
  [Unknown]: myOrg
  What is the name of your City or Locality?
  [Unknown]: Tv
  What is the name of your State or Province?
  [Unknown]: USA
  What is the two-letter country code for this unit?
  [Unknown]: US
  Is <CN=Tkn8, OU=Computers, O=myOrg, L=Tv, ST=USA, C=US> correct?
  [no]: yes
  Enter key password for <tkina8>
  (RETURN if same as keystore password):
  I exported the signature
  keytool -export -keystore tkn8store -alias tkn8 -file tkn8.crtEnter keystore password: q12345
  Certificate stored in file <tkn8.crt>
  I installed the certificate and signed the jar
  jarsigner -keystore tkina8store TapiTkina.jar tkn8
  But it doesn't work.
  Can someone help me!!!

  You can check your java.policy.
  If there is something with "usePolicy" in there all signatures will be ignored for a certain codebase and you
  won't get the popup. Note that if you have jre and jdk installed there are more than 1 policy files.
  When you open the java console (Program Files\Java\j2re1.4.2_04\bin\jpicpl32.exe) you can set the
  runtime parameters in such a way that it will give you a full trace:
  -Djavaplugin.trace=true -Djavaplugin.trace.option=basic|net|security|ext|liveconnect
  The trace should tell you the reason why a signature is ignored.

• Itunes ignoring Read & Write permissions on external drive?

  Hi,
  similar but different to other reported problems:
  1. I got in a mess with my library and copied a load of folders from a backup into my itunes folder, which is on an external firewire drive, which was previously fine.
  2. Now I can't change info in any tunes and can't import anything.
  3. I have selected the drive and subfolders, changing the permissions to Read & write for me, staff, everyone. I have said 'Apply to enclosed items' each time. Whether the drive has 'Ignore ownership' ticked or not makes no difference I think.
  4. Itunes still won't let me change or import.
  What to do?
  thanks in advance...
  Ben
  Message was edited by: bennnn - added note about Ignore ownership

  A bit of a long shot, but I wonder if the iTunes library file might be corrupt. You might as a test try dragging the iTunes library file to the desktop and relaunching iTunes, which will get it to create a new, blank library file. Then import a CD and see if it's successful. If so, then you know that the old library file is indeed corrupt. If no improvement, just put the old library file back, replacing the newly-created one.

• SunOne ignores signed jars -- bug?

  This is a follow-up to http://softwareforum.sun.com/NASApp/jive/thread.jsp?forum=69&thread=18672.
  The use of signedBy grant blocks appears to be broken, at least for signed jars that are deployed as part of an ear file. I created and signed a small jar that attemps to do a few normally forbidden things, then added these entries to the server.policy file:
  keystore "file:${/}C:${/}Sun${/}AppServer7${/}codesign.keystore";
  grant signedBy "codesign" {
  permission java.util.PropertyPermission "*", "read,write";
  permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
  Then I included the jar in a small enterprise app in which an EJB called the "forbidden" methods. In spite of the entires in server.policy, the code still fails due to AccessControlExceptions.
  Running with -Djava.security.debug=policy reveals:
  [04/Apr/2003:09:56:46] WARNING ( 2176): CORE3283: stderr: policy: getPermissions:
  [04/Apr/2003:09:56:46] WARNING ( 2176): CORE3283: stderr:      PD CodeSource: (file:/C:/Sun/AppServer7/domains/domain1/server1/applications/j2ee-apps/cms_3/./lib/SignedJarTest.jar <no certificates>)
  Note the <no certificates>
  Running the class from the command line -- using the exact same jar, and using the SunOne JVM and server.policy file -- is successful.:
  java -cp ./Sun/AppServer7/domains/domain1/server1/applications/j2ee-apps/cms_3/lib/SignedJarTest.jar -Djava.security.manager -Djava.security.policy=C:/Sun/AppServer7/domains/domain1/server1/config/server.policy -Djava.security.debug=policy com.seabase.scratch.crypto.SignedJarTest
  policy: getPermissions:
  PD CodeSource: (file:/C:/Sun/AppServer7/domains/domain1/server1/applicat
  ions/j2ee-apps/cms_3/lib/SignedJarTest.jar [
  Version: V1
  Subject: CN=Patrick Jones, OU=DOE Project, O=SEA, L=New Orleans, ST=Louisiana,
  C=US
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
  Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@72ffb
  Validity: [From: Tue Apr 01 12:34:18 CST 2003,
                 To: Sun Jul 20 01:34:18 CDT 2003]
  Issuer: CN=CA, OU=DOE Project, O=SEA, L=New Orleans, ST=Louisiana, C=US
  SerialNumber: [    4a821187 ]
  ... etc
  SunOne evidently ignores the fact that this jar is signed. This appears to be a bug.

  Java Plug-in 1.6.0_26
  Using JRE version 1.6.0_26-b03 Java HotSpot(TM) Client VM
  User home directory = C:\Users\dbladorn
  c:   clear console window
  f:   finalize objects on finalization queue
  g:   garbage collect
  h:   display this help message
  l:   dump classloader list
  m:   print memory usage
  o:   trigger logging
  q:   hide console
  r:   reload policy configuration
  s:   dump system and deployment properties
  t:   dump thread list
  v:   dump thread stack
  x:   clear classloader cache
  0-5: set trace level to <n>
  exception: exit(-1).
  ExitException[ 4]java.lang.RuntimeException: exit(-1)
       at com.sun.javaws.Main.systemExit(Unknown Source)
       at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source)
       at com.sun.javaws.LaunchDownload.checkSignedResourcesHelper(Unknown Source)
       at com.sun.javaws.LaunchDownload.checkSignedResources(Unknown Source)
       at sun.plugin2.applet.JNLP2Manager.prepareLaunchFile(Unknown Source)
       at sun.plugin2.applet.JNLP2Manager.loadJarFiles(Unknown Source)
       at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)
  Exception: ExitException[ 4]java.lang.RuntimeException: exit(-1)

• VCenter Single Sign-On Permissions Assignment for Members of Multiple AD Groups

  Hi all,
  I ran across an interesting issue whilst assigning permissions using Active Directory groups within vCenter.
  Environment
  1 vCenter Appliance managing 2 Datacenters (1 Datacenter with 2 Clusters, 1 Cluster with 2 Hosts, 1 Cluster with 4 Hosts, 1 Datacenter with 1 Cluster containing 1 host.) 
  vCenter has an SSO Identity Source configured using Active Directory (Integrated Windows Authentication).
  vCenter and all hosts are domain members of child1.parent.com.au
  The Active Directory Forest contains a parent domain, let's call it parent.com.au, and two child domains child1.parent.com.au and child2.parent.com.au.
  Although the Identity Source was configured for my child domain, using child domain credentials it added the parent domain and subsequently both child domains. Okay, so there are trusts, I'm okay with this. The interesting issue is yet to come.
  Two Active Directory Groups were added. Deployment Admins A and Deployment Admins B.
  Two vCenter Roles were created with similar names. VM Deployers A and VM Deployers B
  Deployment Admins A was assigned the Deployers A role to Cluster A (Cluster, VM Folders, Datastore Folders)
  Deployment Admins B was assigned the Deployers B role to Cluster B (Cluster, VM Folders, Datastore Folders)
  Note: No objects overlap. All hosts, vms and datastores are isolated to each cluster.
  So the next step is assign an child1 AD User to the Deployment Admins A group. As expected the user using credentials child1\user can connect to vCenter via the VI Client and see all the relevant objects. Great!
  So now I assign the same child1 AD user to the second AD group Deployment Admins B. Now we wait and nothing happens. The permissions don't change. The user logs out and logs back in using the same credentials and still the permissions don't change.
  So I remove the user from both AD groups and get them to log out and in and sure enough they can't.
  This time I assign the child1\user account the roles as set out previously. So child1\user account is assigned to both roles in place of each AD Group. The expected behaviour is observed. As I add the second permission set, the objects become visible within the VI client.
  Okay so now I remove the explicitly assigned permissions and reassign via the groups and this time I ask the user to log in via the UPN ([email protected]). Whoa! It works.
  So it seems that assigning permissions for the same user in multiple AD groups across multiple roles can only be achieved when the user uses a UPN login to the VI Client.
  Has anybody else found this to be the case?
  If so, were you able to fix it?

  Hello,
  I have found this to be the case and think it is more due to SSO than AD. If you look at how you login as the 'administrator' when you first configure SSO it is in effect using UPN. I would raise this as a case to VMware and make sure they are aware of the issue. There are some issues with SSO being worked each day.
  Best regards,
  Edward L. Haletky
  VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013,2014
  Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.
  Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

• Finder ignores CIFS/SMB permissions if under 777.

  I've seen alot of talk of this over the last year, but no real solutions.
  In finder, if I do  go->Connect to server   do:  CIFS://server/home/user/  it prompts me for a username/password which is readily accepts and then connects to the share.  However when finder comes up it gives me 'The folder "user" can't be opened because you don't have permission to see its contents."
  If I pull open terminal.app I can do a cd /Volumes/server/home/user/  and a directory listing just fine.  The default permissions (in the unix world) is 711.   If I change it to 777 finder becomes happy.  However, this really isn't a valid solution as it breaks other things.
  The NAS in question is an EMC VNX, and as far as one can tell we're patched up beyond the "July" issue where Lion crashes the data movers.
  This is seriously feeling like a failure of Finder to handle permissions right.  What else can I verify to ensure it isn't a finder issue?

  I think it's a bigger problem than you suggest. I have 2 buffalo NAS boxes here, a NetGEAR ReadyNAS NV+ and a Windows 2008 server. I can connect to everything - except the 2k8 machine's share. It shows up in the shared places list, it attempts to connect: I've turned off the Group Policy requirement for encrypted passwords on the 2k8 server, which is what allowed Leopard to connect to it, originally - but SL won't complete the connection.
  This is especially weird, since the Buffalos and the ReadyNAS all use Active Directory user authentication for the connections made to them by the SL machine... I'm amazed nobody is reporting this yet (that I can find in the forum, at least).
  Anyone with any idea what's gotta be hacked, please post here!

• When installing iTunes I recive error message and i am able to ignore but if I want to open itunes after installation it says apple application service was not found

  Please help

  For general advice see Troubleshooting issues with iTunes for Windows updates.
  The section Install missing components may allow you to install Apple Application Support.
  The steps in the second box are a guide to removing everything related to iTunes and then rebuilding it which is often a good starting point unless the symptoms indicate a more specific approach. Review the other boxes and the list of support documents further down the page in case one of them applies.
  Your library should be unaffected by these steps but there is backup and recovery advice elsewhere in the user tip.
  If the advice above doesn't resolve things you could try this alternate version:
  iTunes 12.1.0.71 for Windows (64-bit - for older video cards) - itunes64setup.exe (2015-01-28)
  which is a 64-bit installer for the 32-bit version of the core application, similar to previous 64-bit releases.
  Or roll back to the previous build:
  iTunes 12.0.1.26 for Windows (32-bit) - iTunesSetup.exe (2014-10-16)
  iTunes 12.0.1.26 for Windows (64-bit) - iTunes64Setup.exe (2014-10-16)
  tt2