I've posted a signed TiddlySaver (TS) jar to a beta branch
<https://github.com/PVHL/tiddlywiki/tree/TiddlySaver1Beta1/java> on my
GitHub account. The only change is an updated manifest file compared 
to the last unsigned jar. I've also added an unsigned version (*** see note 
at end) in case you must use the broken update 45 (with medium security).

The new signed jar should work with all Java updates, including the latest 
(51) but excluding 45, without any policy file settings and without any 
warnings. I've tested it at 'High' and 'Very High' settings with no issues 
-- except I hadn't realized before that the 'Very High' security requires 
one be online for the certificate revocation test; as that's the difference 
between the two settings and I'm often working offline, I'm personally 
happy to stay with 'High'.

Please note that the manifest file allows the jar to write to and read from 
any location; this was the only way I could find to allow TS to run from an 
unknown folder in an unknown file. It is possible it could be restricted to 
only using 'File:', but I didn't want to delay this any further as we have 
a signing turnaround time for every change made and I personally feel this 
is not an issue. If there are any security experts out there I would 
appreciate feedback on better settings: take a look at the manifest and let 
me know.

We are hoping to create a new version with a whitelist feature; planning 
has begun. Hopefully TS will eventually ask for permission to write to a 
file that isn't on the list and add it if allowed, much as TiddlyFox does; 
other files will be refused.

The current security certificate will expire soon, but the next version 
will have a fresh certificate and hopefully avoid future expirations with a 
timestamp.

Please do report problems and successes.

Cheers, Paul.

*** Update 51 added a whitelist feature to Java (on the control panel's 
'Security' tab). I haven't tested it personally, but it supposedly allows 
any jar on the list to run with some security prompts, even with 'High 
Security' set. If you are uncomfortable with an unlimited TS jar you could 
try downloading and renaming the unsigned jar and adding the addresses you 
need to the list. I can't help with this and personally don't see the need 
-- as already stated, the original TS worked in exactly the same manner and 
I'm not aware of anyone having had problems with it.
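
For the manifest review the post asks for, a short audit script, added here as an example and not part of the original message or the TiddlySaver project: it reads a jar's manifest and reports which permission and codebase attributes are missing or unrestricted. The attribute names are the standard Java deployment ones and are assumed to be what the post's manifest sets; the sample jar is constructed.

```python
import io
import zipfile

# Real JAR manifest attributes from Oracle's deployment documentation; that the
# TiddlySaver manifest uses these particular ones is an assumption.
SECURITY_ATTRS = ("Permissions", "Codebase", "Caller-Allowable-Codebase",
                  "Application-Library-Allowable-Codebase")


def parse_main_section(manifest_bytes):
    """Return the main-section attributes of a MANIFEST.MF as a dict."""
    attrs, last = {}, None
    for line in manifest_bytes.decode("utf-8").splitlines():
        if not line:  # a blank line ends the main section
            break
        if line.startswith(" ") and last:  # continuation of a wrapped value
            attrs[last] += line[1:]
            continue
        name, sep, value = line.partition(": ")
        if sep:
            attrs[name], last = value, name
    return attrs


def audit_jar(jar_file):
    """Return findings for missing or unrestricted security attributes."""
    with zipfile.ZipFile(jar_file) as jar:
        attrs = parse_main_section(jar.read("META-INF/MANIFEST.MF"))
    findings = []
    for name in SECURITY_ATTRS:
        value = attrs.get(name)
        if value is None:
            findings.append(f"{name}: not set")
        elif name == "Permissions" and value.strip() == "all-permissions":
            findings.append("Permissions: all-permissions (full access, no sandbox)")
        elif name != "Permissions" and "*" in value.split():
            findings.append(f"{name}: * (no location restriction)")
    return findings


def build_sample_jar():
    """Constructed sample jar in memory; NOT the real TiddlySaver manifest."""
    manifest = (b"Manifest-Version: 1.0\r\nPermissions: all-permissions\r\n"
                b"Codebase: *\r\nCaller-Allowable-Codebase: *\r\n\r\n")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", manifest)
    return buf
```

`audit_jar` also accepts a path to a jar on disk, so it can be pointed at a downloaded jar before adding it to a browser or an exception list.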
