unity – 如何防止Java应用程序创建托盘图标?
作者:互联网
使用Ubuntu 13.04,将某些应用程序列入白名单(并因此将黑名单)创建托盘图标的可能性已经消失.从那时起,Java应用程序和Wine图标的托盘图标被硬编码并始终可见.
虽然有某些ppas,通过回馈systray.whitelist(但不是14.04但是)来提供统一补丁我想知道是否有其他方法来隐藏java应用程序的托盘图标(例如JDownloader)
我知道有一种方法可以通过实现禁止对sni-qt包进行读访问的apparmor-profiles来为qt-applications这样做(例如对于Skype或Spotify)
有没有办法为Java应用程序和/或Wine应用程序实现apparmor配置文件或类似的东西?
谢谢
解决方法:
对于Java Apps:
>实际上对于JDownloader案例,它是一种模块化设计.托盘图标是一个可以禁用的插件:
JDown Trader的JDownloader→Addons→Addon Manager→Extensions→Uncheck Activate框
>对于Java应用程序的一般情况,可以通过编写自定义策略规则来使用Java安全管理器.
>在〜/ .jdownloader中创建java.policy文件包含:
grant codeBase "file:/home/user/.jdownloader/-" {
// full access
// permission java.security.AllPermission;
// AWTPermission full or only selected elements from it
// permission java.awt.AWTPermission "*";
permission java.awt.AWTPermission "accessClipboard";
permission java.awt.AWTPermission "accessEventQueue";
// permission java.awt.AWTPermission "accessSystemTray";
permission java.awt.AWTPermission "createRobot";
permission java.awt.AWTPermission "fullScreenExclusive";
permission java.awt.AWTPermission "listenToAllAWTEvents";
permission java.awt.AWTPermission "readDisplayPixels";
permission java.awt.AWTPermission "replaceKeyboardFocusManager";
permission java.awt.AWTPermission "setAppletStub";
permission java.awt.AWTPermission "setWindowAlwaysOnTop";
permission java.awt.AWTPermission "showWindowWithoutWarningBanner";
permission java.awt.AWTPermission "toolkitModality";
permission java.awt.AWTPermission "watchMousePointer";
// Added by try and learn
permission java.io.FilePermission "/-", "read,write,delete";
permission java.util.PropertyPermission "*", "read,write";
permission java.util.logging.LoggingPermission "control";
permission java.lang.RuntimePermission "*";
permission java.net.NetPermission "*";
permission java.security.SecurityPermission "*";
permission javax.net.ssl.SSLPermission "*";
permission java.net.SocketPermission "*", "connect,resolve";
permission java.lang.reflect.ReflectPermission "*";
};
>修改jdownloader启动脚本以使用自定义策略
sudo nano /usr/bin/jdownloader
添加:-Djava.security.manager -Djava.security.policy = java.policy到java命令调用:
exec java ${JAVA_OPTIONS} -Djava.security.manager -Djava.security.policy=java.policy -jar JDownloader.jar $*
这些是允许我启动jdownloader的最低规则.您可能需要添加更多权限.因为没有拒绝选项,您必须编写所有需要的授权规则.
参考文献:
> java.awt
: Class SystemTray
> java.awt
: Class AWTPermission
> java.security
: Class BasicPermission
如果要编写授予除AccessSystemTray之外的AllPermission的通用模板,请参阅直接已知子类.因此,您可以将其用于所有剩余的Java应用程序.
顺便说一下,尝试通过在行的开头添加//来评论其中一条规则;因此,您可以看到拒绝权限的错误如何.它告诉您应该添加哪个权限.另请注意我使用了很多 – & *试图扩展规则,因为我正在寻找一个快速的解决方案(默认是AllPermission无论如何),我不打算监禁应用程序.
这是一个开始的模板,尝试授予所有可能的权限:
grant codeBase "file:/home/user/.jdownloader/-" {
// permission java.security.AllPermission;
// permission java.awt.AWTPermission "*";
permission java.awt.AWTPermission "accessClipboard";
permission java.awt.AWTPermission "accessEventQueue";
// permission java.awt.AWTPermission "accessSystemTray";
permission java.awt.AWTPermission "createRobot";
permission java.awt.AWTPermission "fullScreenExclusive";
permission java.awt.AWTPermission "listenToAllAWTEvents";
permission java.awt.AWTPermission "readDisplayPixels";
permission java.awt.AWTPermission "replaceKeyboardFocusManager";
permission java.awt.AWTPermission "setAppletStub";
permission java.awt.AWTPermission "setWindowAlwaysOnTop";
permission java.awt.AWTPermission "showWindowWithoutWarningBanner";
permission java.awt.AWTPermission "toolkitModality";
permission java.awt.AWTPermission "watchMousePointer";
permission javax.sound.sampled.AudioPermission "*";
permission javax.security.auth.AuthPermission "*";
// permission javax.security.auth.kerberos.DelegationPermission "";
permission javax.xml.bind.JAXBPermission "*";
permission java.nio.file.LinkPermission "hard";
permission java.nio.file.LinkPermission "symbolic";
permission java.util.logging.LoggingPermission "control";
// permission java.lang.management.ManagementPermission "*";
permission javax.management.MBeanServerPermission "*";
permission javax.management.MBeanTrustPermission "*";
permission java.net.NetPermission "*";
permission java.util.PropertyPermission "*", "read,write";
permission java.lang.reflect.ReflectPermission "*";
permission java.lang.RuntimePermission "*";
permission java.security.SecurityPermission "*";
permission java.io.SerializablePermission "*";
permission java.sql.SQLPermission "*";
permission javax.net.ssl.SSLPermission "*";
permission javax.management.remote.SubjectDelegationPermission "*";
permission javax.xml.ws.WebServicePermission "*";
// permission "*";
permission java.io.FilePermission "/-", "read,write,execute,delete,readlink";
permission javax.management.MBeanPermission "*", "*";
// permission javax.security.auth.PrivateCredentialPermission "", "read";
permission javax.security.auth.kerberos.ServicePermission "*", "initiate,accept";
permission java.net.SocketPermission "*", "accept,connect,listen,resolve";
permission java.net.URLPermission "*";
};
注意:
Java Policy Tools是一个用于编辑策略文件的GUI工具.这使得从下拉框中找到所有可用选项变得更加容易.它应该已经安装了Java包.
标签:indicator,system-tray,java,icons,unity 来源: https://codeday.me/bug/20190807/1614863.html