Results 1 to 6 of 6
  1. #1
    erelsgl is offline Member
    Join Date
    Jul 2011
    Posts
    4
    Rep Power
    0

    Default Security Manager equivalent of the "setuid" bit

    Hi,

    I am working on an application where users can upload custom Javscript code, and my server runs this code (using the Rhino Script Engine). Of course I run the custom code under a very strict SecurityManager, to prevent the users from damaging my server. I don't allow any access to sockets, files, etc.

    However, I do want to allow them to run some privileged actions in a limited way, for example, an action such as "readFactFromDatabase(a,b,c)" should go to a specific table in the database and read a specific row. This action cannot run under the strict SecurityManager because it uses sockets and files.

    I need a mechanism that is similar to the "setuid" bit in Linux - something that allows a thread under some SecurityManager to run specific actions as if it had no SecurityManager.

    I hope I explained myself correctly...

  2. #2
    JosAH's Avatar
    JosAH is offline Moderator
    Join Date
    Sep 2008
    Location
    Voorschoten, the Netherlands
    Posts
    13,526
    Blog Entries
    7
    Rep Power
    20

    Default

    Make your SecurityManager switchable; i.e. when switched to false it allows everything, while being switched to true it does the checks it normally does. Ordinary code doesn't know about your switchable SecurityManager, only your code does and it switches it to false when it needs to.

    kind regards,

    Jos
    cenosillicaphobia: the fear for an empty beer glass

  3. #3
    erelsgl is offline Member
    Join Date
    Jul 2011
    Posts
    4
    Rep Power
    0

    Default

    Great idea, thanks!

    But what if my system is open source? In this case, everyone will know the name of the switch field, and will be able to change it!

  4. #4
    JosAH's Avatar
    JosAH is offline Moderator
    Join Date
    Sep 2008
    Location
    Voorschoten, the Netherlands
    Posts
    13,526
    Blog Entries
    7
    Rep Power
    20

    Default

    Quote Originally Posted by erelsgl View Post
    Great idea, thanks!

    But what if my system is open source? In this case, everyone will know the name of the switch field, and will be able to change it!
    If you code is open source everybody can define their own SecurityManager that allows everything and install it; all bets are off then ...

    kind regards,

    Jos
    cenosillicaphobia: the fear for an empty beer glass

  5. #5
    erelsgl is offline Member
    Join Date
    Jul 2011
    Posts
    4
    Rep Power
    0

    Default

    I don't care if someones download the code, install it on their own servers, and change the security manager.

    I only care about the code that I installed on my own server - I don't want that users who submit code will be able to disable the security manager.

    Ah, but now I have an idea - use a custom configuration file with a "password" for disabling the security manager, such that every sysadmin that installs the code will set his/her own password. I have to try this.

  6. #6
    erelsgl is offline Member
    Join Date
    Jul 2011
    Posts
    4
    Rep Power
    0

    Default

    Quote Originally Posted by JosAH View Post
    Make your SecurityManager switchable; i.e. when switched to false it allows everything, while being switched to true it does the checks it normally does. Ordinary code doesn't know about your switchable SecurityManager, only your code does and it switches it to false when it needs to.
    I spotted a problem in this solution - the user can use reflection to get all the methods of the current security manager, and try them one by one, until he finds a method that switches it off!

Similar Threads

  1. Equivalent of " void* " in JAVA
    By ABHIJEEEEEEET in forum New To Java
    Replies: 7
    Last Post: 08-16-2010, 06:55 AM
  2. Equivalent of "char *" in JAVA
    By ABHIJEEEEEEET in forum New To Java
    Replies: 3
    Last Post: 08-11-2010, 11:37 AM
  3. Equivalent of "strtoul" in JAVA
    By ABHIJEEEEEEET in forum New To Java
    Replies: 5
    Last Post: 08-11-2010, 09:49 AM
  4. Replies: 2
    Last Post: 01-24-2009, 06:56 PM
  5. Replies: 1
    Last Post: 10-20-2008, 07:35 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •