Results 1 to 10 of 10
  1. #1
    Lil_Aziz1's Avatar
    Lil_Aziz1 is offline Senior Member
    Join Date
    Dec 2009
    Location
    United States
    Posts
    343
    Rep Power
    5

    Default Question on java.security.manager

    If Count.java has the following content:
    Java Code:
    import java.io.*;
    
    public class Count {
        public static void countChars(InputStream in) throws IOException
        {
            int count = 0;
    
            while (in.read() != -1)
                count++;
    
            System.out.println("Counted " + count + " chars.");
        }
    
        public static void main(String[] args) throws Exception
        {
            if (args.length >= 1)
                countChars(new FileInputStream(args[0]));
            else
                System.err.println("Usage: Count filename");
        }
    }
    After compilation, shouldn't this command invoke some sort of Exception/Error associated with permission or security?


    Although, when I put Count.class in a jar file and then run it using classpath, it gives me an Exception:


    I did another test:
    I made a manifest.txt with the following content:
    Java Code:
    Main-Class: Count
    then did:
    Java Code:
    jar cfm mCount.jar manifest.txt Count.class
    Compiled it with the security manager and without the security manager, and I got an exception same as the prior test when -Djava.security.manager extension was added.


    So the question is, why did I not get an exception when I did
    Java Code:
     java -Djava.security.manager Count writetest
    ? Thanks in advance.

    EDIT: I have not tampered with any security files. I actually recently reinstalled the JDK.

    Best Regards,

    Aziz Javed
    Last edited by Lil_Aziz1; 06-06-2010 at 06:26 PM.
    "Experience is what you get when you don't get what you want" (Dan Stanford)
    "Rise and rise again until lambs become lions" (Robin Hood)

  2. #2
    Norm's Avatar
    Norm is offline Moderator
    Join Date
    Jun 2008
    Location
    SW Missouri
    Posts
    17,331
    Rep Power
    25

    Default

    Do you have a .java.policy file that's used by the JVM?
    What's in your .java.policy file?

    Mine's in the C:\Documents and Settings\Owner folder

  3. #3
    Lil_Aziz1's Avatar
    Lil_Aziz1 is offline Senior Member
    Join Date
    Dec 2009
    Location
    United States
    Posts
    343
    Rep Power
    5

    Default

    I found a java.policy file but not a .java.policy file. This is what it contains:

    Java Code:
    // Standard extensions get all permissions by default
    
    grant codeBase "file:${{java.ext.dirs}}/*" {
    	permission java.security.AllPermission;
    };
    
    // default permissions granted to all domains
    
    grant { 
    	// Allows any thread to stop itself using the java.lang.Thread.stop()
    	// method that takes no argument.
    	// Note that this permission is granted by default only to remain
    	// backwards compatible.
    	// It is strongly recommended that you either remove this permission
    	// from this policy file or further restrict it to code sources
    	// that you specify, because Thread.stop() is potentially unsafe.
    	// See "http://java.sun.com/notes" for more information.
    	permission java.lang.RuntimePermission "stopThread";
    
    	// allows anyone to listen on un-privileged ports
    	permission java.net.SocketPermission "localhost:XXXX-", "listen";
    
    	// "standard" properies that can be read by anyone
    
    	permission java.util.PropertyPermission "java.version", "read";
    	permission java.util.PropertyPermission "java.vendor", "read";
    	permission java.util.PropertyPermission "java.vendor.url", "read";
    	permission java.util.PropertyPermission "java.class.version", "read";
    	permission java.util.PropertyPermission "os.name", "read";
    	permission java.util.PropertyPermission "os.version", "read";
    	permission java.util.PropertyPermission "os.arch", "read";
    	permission java.util.PropertyPermission "file.separator", "read";
    	permission java.util.PropertyPermission "path.separator", "read";
    	permission java.util.PropertyPermission "line.separator", "read";
    
    	permission java.util.PropertyPermission "java.specification.version", "read";
    	permission java.util.PropertyPermission "java.specification.vendor", "read";
    	permission java.util.PropertyPermission "java.specification.name", "read";
    
    	permission java.util.PropertyPermission "java.vm.specification.version", "read";
    	permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
    	permission java.util.PropertyPermission "java.vm.specification.name", "read";
    	permission java.util.PropertyPermission "java.vm.version", "read";
    	permission java.util.PropertyPermission "java.vm.vendor", "read";
    	permission java.util.PropertyPermission "java.vm.name", "read";
    };
    I think the JVM is using java.policy because when I compiled GetProps.java with the following code:
    Java Code:
    class GetProps {
    
        public static void main(String[] args) {
    
            /* Test reading properties w & w/out security manager */
            
            String s;
    
            try {
    
                System.out.println("About to get os.name property value");
    
                s = System.getProperty("os.name", "not specified");
                System.out.println("  The name of your operating system is: " + s);
    
                System.out.println("About to get java.version property value");
    
                s = System.getProperty("java.version", "not specified");
                System.out.println("  The version of the JVM you are running is: " + s);
    
                System.out.println("About to get user.home property value");
    
                s = System.getProperty("user.home", "not specified");
                System.out.println("  Your user home directory is: " + s);
    
                System.out.println("About to get java.home property value");
    
                s = System.getProperty("java.home", "not specified");
                System.out.println("  Your JRE installation directory is: " + s);
    
    
            } catch (Exception e) {
                System.err.println("Caught exception " + e.toString());
            }
    
        }
    
    }
    and then ran the application through the security.manager and got an exception:


    So I don't know why it's not working. Also, the Java tutorial ( http://java.sun.com/docs/books/tutor...gn/rstep1.html ) doesn't talk about running just the Count.class. Instead, it talks about running it through a jar file. Out of curiosity, shouldn't the same rules apply to Count.class without it being in a jar file?
    Last edited by Lil_Aziz1; 06-06-2010 at 07:25 PM.
    "Experience is what you get when you don't get what you want" (Dan Stanford)
    "Rise and rise again until lambs become lions" (Robin Hood)

  4. #4
    Norm's Avatar
    Norm is offline Moderator
    Join Date
    Jun 2008
    Location
    SW Missouri
    Posts
    17,331
    Rep Power
    25

    Default

    Not sure how the java.policy (no leading .) is for or how used.
    What file is displayed when you open the policytool program?

    The .java.policy file is referred to from the {java.home}\lib\security\java.security file by this line:
    policy.url.2=file:${user.home}/.java.policy


    Re codebase. I found this with google, don't have URL for it. The title is:
    Default Policy Implementation and Policy File Syntax
    The exact meaning of a codeBase value depends on the characters at the end. A codeBase with a trailing "/" matches all class files (not JAR files) in the specified directory. A codeBase with a trailing "/*" matches all files (both class and JAR files) contained in that directory. A codeBase with a trailing "/-" matches all files (both class and JAR files) in the directory and recursively all files in subdirectories contained in that directory. The following table illustrates the different cases.
    Last edited by Norm; 06-06-2010 at 08:26 PM.

  5. #5
    Lil_Aziz1's Avatar
    Lil_Aziz1 is offline Senior Member
    Join Date
    Dec 2009
    Location
    United States
    Posts
    343
    Rep Power
    5

    Default

    When I open up the policy too, no file is displayed, just the Policy Tool itself in its blank window.

    So do you want me to rename java.policy to .java.policy?
    "Experience is what you get when you don't get what you want" (Dan Stanford)
    "Rise and rise again until lambs become lions" (Robin Hood)

  6. #6
    Webuser is offline Senior Member
    Join Date
    Dec 2008
    Posts
    526
    Rep Power
    0

    Default

    I did another test:
    I made a manifest.txt with the following content:
    for your information you should ext manifest as *.MF but not *.txt :(

    show us your jar packages structure.
    If my answer helped you. Please click my "REP" button and add a comment
    Have a Good Java Coding :)

  7. #7
    Norm's Avatar
    Norm is offline Moderator
    Join Date
    Jun 2008
    Location
    SW Missouri
    Posts
    17,331
    Rep Power
    25

    Default

    Find this java.security file and see if you have the line I show.
    The .java.policy file is referred to from the {java.home}\lib\security\java.security file by this line:
    policy.url.2=file:${user.home}/.java.policy
    If you have that file with that line, look in the user.home folder for the .java.policy file.
    I suspect you don't have one as policytool would read and load it when it starts.

    Where did you find the java.policy file? Don't rename it. Looking in the above java.security file you'll see a reference to it above the line I posted.

  8. #8
    Lil_Aziz1's Avatar
    Lil_Aziz1 is offline Senior Member
    Join Date
    Dec 2009
    Location
    United States
    Posts
    343
    Rep Power
    5

    Default

    So I looked over java.security and I did find the following:
    Java Code:
    # The default is to have a single system-wide policy file,
    # and a policy file in the user's home directory.
    policy.url.1=file:${java.home}/lib/security/java.policy
    policy.url.2=file:${user.home}/.java.policy
    I checked my user.home and could not find .java.policy (to make sure I was looking at the right place, I did the following:
    Java Code:
                s = System.getProperty("user.home", "not specified");
                System.out.println("  Your user home directory is: " + s);
    )
    What should I do?
    "Experience is what you get when you don't get what you want" (Dan Stanford)
    "Rise and rise again until lambs become lions" (Robin Hood)

  9. #9
    Norm's Avatar
    Norm is offline Moderator
    Join Date
    Jun 2008
    Location
    SW Missouri
    Posts
    17,331
    Rep Power
    25

    Default

    I was concerned that there was a .policy file that was granting permission that you didn't know about. It appears there is NOT.
    Continue with your testing. Is the file being read in a different folder than the jar/class files? It should be. Move it up one and prefix your filename with ..\

  10. #10
    Lil_Aziz1's Avatar
    Lil_Aziz1 is offline Senior Member
    Join Date
    Dec 2009
    Location
    United States
    Posts
    343
    Rep Power
    5

    Default

    Oooh. I think it worked. So I moved Count.class to directory C:\..\A\B and moved the file it was reading (writetest.txt) to C:\...\A
    I ran Count without the security manager and it read writetest.txt. Then I ran it with the security manager and it gave me a PermissionException!
    Then I moved Count.class to directory C:\..\A and writetest.txt to C:\..\A\B - it did not give me an exception when I ran it with security manager. :(

    Conclusion: A JAVA application has permission to read (maybe even write?) any files in the same directory as it and in sub-directories. (Hope this is accurate)

    I hope that's what you were talking about.
    Anyhow, thanks man! +1
    "Experience is what you get when you don't get what you want" (Dan Stanford)
    "Rise and rise again until lambs become lions" (Robin Hood)

Similar Threads

  1. Question about creating a Game State Manager
    By nolsen01 in forum New To Java
    Replies: 1
    Last Post: 03-05-2010, 10:23 PM
  2. Java security program
    By bhaumik1987 in forum New To Java
    Replies: 7
    Last Post: 02-09-2010, 02:28 PM
  3. Java security
    By Zosden in forum Java Applets
    Replies: 43
    Last Post: 08-02-2008, 02:10 PM
  4. java.security.AccessControlException
    By cecily in forum Java Applets
    Replies: 1
    Last Post: 08-06-2007, 02:49 AM
  5. Replies: 1
    Last Post: 07-23-2007, 11:59 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •