• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

java.policy file - PropertyPermission ???

 
verduka fox
Ranch Hand
Posts: 178
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have an applet embedded in a JSP page which is working great. This project is almost ready for implementation, and I need to determine what permissions should be granted explicitly in the java.policy file. During development, I granted all permissions by adding the following line to the java.policy file:
permission java.security.AllPermission;
However, I very obviously want to restrict the permissions to allow the least possible for my applet for production. I have most of the permissions determined, except for the following scenario:
I write a log file to C:\temp. I allow this by granting:
permission java.io.FilePermission "c:\\temp\\Applet.log", "read,write";
This will work ONLY if I also grant:
permission java.util.PropertyPermission "*", "read, write";
However, I want to restrict the PropertyPermission to just the one that is necessary instead of *. I have tried using the following lines to determine which is necessary:
permission java.util.PropertyPermission "java.*", "read, write";
permission java.util.PropertyPermission "java.specification.*", "read, write";
permission java.util.PropertyPermission "java.vm.*", "read, write";
permission java.util.PropertyPermission "os.*", "read, write";
permission java.util.PropertyPermission "path.*", "read, write";
permission java.util.PropertyPermission "file.*", "read, write";
permission java.util.PropertyPermission "line.*", "read, write";
permission java.util.PropertyPermission "user.*", "read, write";
, but even when I comment out the line allowing * and explicitly allow all permissions listed above, I still get the exception:
java.security.AccessControlException: access denied (java.util.PropertyPermission * read,write)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertiesAccess(Unknown Source)
at java.lang.System.getProperties(Unknown Source)
at com.mastercard.debug.FileLogger.println(FileLogger.java:289)
at com.mastercard.rcd.data.DataApplet.start(DataApplet.java:120)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

Does anyone know which PropertyPermission I need to grant explicitly instead of *? This is a big security issue to grant * permissions. Your help is greatly appreciated!

 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic