Results 1 to 2 of 2
  1. #1
    divot is offline Member
    Join Date
    Nov 2010
    Posts
    2
    Rep Power
    0

    Default Java Security Policy

    Hi,

    I have a system that I'm setting up where I have both trusted and untrusted code that I need to execute. To ensure everything is done as safely as possible I'm trying to use the inbuilt policy features however I am having trouble getting things to work correctly.

    Earlier today I had a simple test program (reading a file) in a restricted location and I was running tests on a simple policy. I had it at the stage where it was correctly denying me access to the file. Since then I have installed eclipse and done a lot more coding. Now, having returned to use the security policy on the newly written code I have found that it is no longer working correctly, in fact the policy file is not even being read for the program accessing the file. I confirmed this by putting jargon into the policy file, which threw up an error earlier on, then testing it on the same simple program from earlier no longer provides an error.

    After a little bit of poking I have found that the policy file is not read for a program accessing the file, but is for another program that calls a command line program, when it should be doing it for both (preferably all programs it encounters).

    The only major change I can think of is my installing eclipse from the repository. I'm using ubuntu 10.10.

    Finally, I'm executing my java file using the following command:
    Java Code:
    java -Djava.security.manager -Djava.security.policy=java.policy MyProg
    I have definitely confirmed that the java.policy file is the correct file it should be scanning for, and I just can't work out what on earth is wrong.

    Please help!!

    Thanks in advance, Dan

  2. #2
    divot is offline Member
    Join Date
    Nov 2010
    Posts
    2
    Rep Power
    0

    Smile

    Problem solved. It seems I had modified the test slightly and forgotten.

    Java does not appear to care about the security policy enough to check it unless there are a very few specific actions that occur. It seems that creating a file object with a specific file is not one of those actions, instead something along the lines of an actual read of said object is...

    Added a read, test passes with flying colours,

    Hurrah!!

Similar Threads

  1. Java RMI .policy file
    By krati in forum Networking
    Replies: 9
    Last Post: 04-24-2014, 06:04 PM
  2. Applet+thread+java policy
    By shiva_l in forum Java Applets
    Replies: 0
    Last Post: 12-29-2008, 11:20 AM
  3. Djava.security.policy=applet.policy
    By willemjav in forum Java Applets
    Replies: 1
    Last Post: 03-09-2008, 02:57 AM
  4. Djava.security.policy=applet.policy
    By willemjav in forum NetBeans
    Replies: 0
    Last Post: 03-09-2008, 02:09 AM
  5. java.policy
    By cubidoo in forum New To Java
    Replies: 0
    Last Post: 12-01-2007, 10:10 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •