• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Devaka Cooray
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Junilu Lacar
  • Paul Clapham
  • Knute Snortum
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • salvin francis
  • Carey Brown
Bartenders:
  • Tim Holloway
  • Frits Walraven
  • Ganesh Patekar

java.policy file - PropertyPermission ???  RSS feed

 
Ranch Hand
Posts: 178
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have an applet embedded in a JSP page which is working great. This project is almost ready for implementation, and I need to determine what permissions should be granted explicitly in the java.policy file. During development, I granted all permissions by adding the following line to the java.policy file:
permission java.security.AllPermission;
However, I very obviously want to restrict the permissions to allow the least possible for my applet for production. I have most of the permissions determined, except for the following scenario:
I write a log file to C:\temp. I allow this by granting:
permission java.io.FilePermission "c:\\temp\\Applet.log", "read,write";
This will work ONLY if I also grant:
permission java.util.PropertyPermission "*", "read, write";
However, I want to restrict the PropertyPermission to just the one that is necessary instead of *. I have tried using the following lines to determine which is necessary:
permission java.util.PropertyPermission "java.*", "read, write";
permission java.util.PropertyPermission "java.specification.*", "read, write";
permission java.util.PropertyPermission "java.vm.*", "read, write";
permission java.util.PropertyPermission "os.*", "read, write";
permission java.util.PropertyPermission "path.*", "read, write";
permission java.util.PropertyPermission "file.*", "read, write";
permission java.util.PropertyPermission "line.*", "read, write";
permission java.util.PropertyPermission "user.*", "read, write";
, but even when I comment out the line allowing * and explicitly allow all permissions listed above, I still get the exception:
java.security.AccessControlException: access denied (java.util.PropertyPermission * read,write)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertiesAccess(Unknown Source)
at java.lang.System.getProperties(Unknown Source)
at com.mastercard.debug.FileLogger.println(FileLogger.java:289)
at com.mastercard.rcd.data.DataApplet.start(DataApplet.java:120)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

Does anyone know which PropertyPermission I need to grant explicitly instead of *? This is a big security issue to grant * permissions. Your help is greatly appreciated!

 
All of the world's problems can be solved in a garden - Geoff Lawton. Tiny ad:
RavenDB is an Open Source NoSQL Database that’s fully transactional (ACID) across your database
https://coderanch.com/t/704633/RavenDB-Open-Source-NoSQL-Database
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!