• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

What must I add to the server.policy file to execute the shell program /usr/bin/chmod ?

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hellos.

I am trying to get my J2EE application which I have deployed in a SUN application server 8.1 to write .xml FILES which can be removed by any UNIX account.

Ok I can write the file OK. My problem comes when I try to set the file permissions at the UNIX level. It seems that (quite reasonably) the file the app/app server creates has the persmissions of the app server 'owner' - root. I want the files that the app/app server creates to have rw permissions for all. i.e. I want to run "chmod 666 filename"

All my attempts to get this done bomb out.

When I look at the server.log file I see..

Can't call method exec on class com.waveset.util.Util
==> java.security.AccessControlException: access denied (java.io.FilePermission /usr/bin/chmod execute)|#]

I dont understand this.. just what is being denied access and who is doing the denying?

What exactly do I have to put into my application server configuration files so that I can utilise the operating system!!??

I dont want to remove the security altogether, just let my app run a program in a shell.
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Welcome to JavaRanch.

It seems that (quite reasonably) the file the app/app server creates has the persmissions of the app server 'owner' - root.


I wouldn't run any server as "root", but instead create a special account for it that is not a super-user.

Can't call method exec on class com.waveset.util.Util
==> java.security.AccessControlException: access denied (java.io.FilePermission /usr/bin/chmod execute)


Most Java servers use SecurityManagers to give (or deny) code certain permissions. The code you're running apparently does not have permission to execute system commands, which -as a default setup- sounds reasonable. But SecurityManagers are highly configurable (the relevant phrase to search for is "security policy") - the app server admin should be able to finetune it according to the application's need. Have a read of the server's documentation -the exact process is different for each server-, and then talk to the server admin about that.
 
reply
    Bookmark Topic Watch Topic
  • New Topic