Java开发网 Java开发网
注册 | 登录 | 帮助 | 搜索 | 排行榜 | 发帖统计  

您没有登录

» Java开发网 » Java Security  

按打印兼容模式打印这个话题 打印话题    把这个话题寄给朋友 寄给朋友    该主题的所有更新都将Email到你的邮箱 订阅主题
flat modethreaded modego to previous topicgo to next topicgo to back
作者 求救!!! 实在想不出来了. (access denied (java.io.FilePermission ...)
crawler



发贴: 0
积分: 0
于 2003-05-22 15:37 user profilesend a private message to usersearch all posts byselect and copy to clipboard. ie only, sorry for netscape users:-)add this post to my favorite list
public class _Test2 {
public static void main(String args[]) {
try {
JarLoader loader =
new JarLoader("file:///e:\\testclass", ClassLoader.getSystemClassLoader());
final Class atomClass = loader.loadClass("PPMM2");

if (atomClass.getProtectionDomain().implies(new FilePermission("c:\\*", "delete"))) {
System.out.println("hehe1");
}

final Object obj = atomClass.newInstance();
final _TestIf r = (_TestIf) obj;

class appmm implements PrivilegedExceptionAction {
public Object run() throws Exception {
if (r.getClass().getProtectionDomain().implies(new FilePermission("c:\\*", "delete"))) {
System.out.println("hehe2");
}
r.go();
return null;
}
};

appmm realppmm = new appmm();
AccessController.doPrivileged(realppmm);

} catch (Exception e) {
e.printStackTrace();
}
}
}

我已经在.policy文件中设置了相应的权限,"hehe1"和"hehe2"都打印出来了,
为什么r.go()还是执行不了?PPMM2中非常简单:

public class PPMM2 implements _TestIf{
public void go() {
File pFile = new File("c:\\java.txt");
pFile.delete();
}
}
出现以下提示:
java.security.AccessControlException: access denied (java.io.FilePermission c:\java.txt delete)
  at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
  at java.security.AccessController.checkPermission(AccessController.java:401)
  at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
  at java.lang.SecurityManager.checkDelete(SecurityManager.java:1002)
  at java.io.File.delete(File.java:846)
  at PPMM2.go(PPMM2.java:12)
  at xsecurity._Test2$1$appmm.run(_Test2.java:38)
  at java.security.AccessController.doPrivileged(Native Method)
  at xsecurity._Test2.main(_Test2.java:44)

why edited on 2003-06-28 20:32

作者 Re:求救!!! 实在想不出来了. [Re:crawler]
menzy



版主


发贴: 754
积分: 113
于 2003-05-28 18:45 user profilesend a private message to usersearch all posts byselect and copy to clipboard. ie only, sorry for netscape users:-)add this post to my favorite list
贴policy file 出来看看


作者 Re:求救!!! 实在想不出来了. [Re:crawler]
crawler



发贴: 0
积分: 0
于 2003-05-31 14:51 user profilesend a private message to usersearch all posts byselect and copy to clipboard. ie only, sorry for netscape users:-)add this post to my favorite list
// Standard extensions get all permissions by default

grant codeBase "fileEmbaressed{java.home}/lib/ext/*" {
  permission java.security.AllPermission;
};

//created by me
grant codeBase "file:/e:/testclass/" {
permission java.io.FilePermission "c:\\*", "delete";
};
// default permissions granted to all domains

grant {
  // Allows any thread to stop itself using the java.lang.Thread.stop()
  // method that takes no argument.
  // Note that this permission is granted by default only to remain
  // backwards compatible.
  // It is strongly recommended that you either remove this permission
  // from this policy file or further restrict it to code sources
  // that you specify, because Thread.stop() is potentially unsafe.
  // See "http://java.sun.com/notes" for more information.
  permission java.lang.RuntimePermission "stopThread";

  // allows anyone to listen on un-privileged ports
  permission java.net.SocketPermission "localhost:1024-", "listen";

  //created by me
permission java.lang.RuntimePermission "createClassLoader";
permission java.io.FilePermission "e:\\testclass\\*", "read";
permission java.lang.RuntimePermission "getProtectionDomain";

  // "standard" properies that can be read by anyone

  permission java.util.PropertyPermission "java.version", "read";
  permission java.util.PropertyPermission "java.vendor", "read";
  permission java.util.PropertyPermission "java.vendor.url", "read";
  permission java.util.PropertyPermission "java.class.version", "read";
  permission java.util.PropertyPermission "os.name", "read";
  permission java.util.PropertyPermission "os.version", "read";
  permission java.util.PropertyPermission "os.arch", "read";
  permission java.util.PropertyPermission "file.separator", "read";
  permission java.util.PropertyPermission "path.separator", "read";
  permission java.util.PropertyPermission "line.separator", "read";

  permission java.util.PropertyPermission "java.specification.version", "read";
  permission java.util.PropertyPermission "java.specification.vendor", "read";
  permission java.util.PropertyPermission "java.specification.name", "read";

  permission java.util.PropertyPermission "java.vm.specification.version", "read";
  permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
  permission java.util.PropertyPermission "java.vm.specification.name", "read";
  permission java.util.PropertyPermission "java.vm.version", "read";
  permission java.util.PropertyPermission "java.vm.vendor", "read";
  permission java.util.PropertyPermission "java.vm.name", "read";
};

crawler edited on 2003-05-31 14:54

作者 Re:求救!!! 实在想不出来了. [Re:crawler]
menzy



版主


发贴: 754
积分: 113
于 2003-06-04 17:55 user profilesend a private message to usersearch all posts byselect and copy to clipboard. ie only, sorry for netscape users:-)add this post to my favorite list
You haven't give out full sample codes.
Anyway, try to edit the policy file as this:
grant codeBase "file:/e:/testclass/*" {
permission java.io.FilePermission "c:\\*", "delete";
};
or:
grant codeBase "file:/e:/testclass/-" {
permission java.io.FilePermission "c:\\*", "delete";
};



flat modethreaded modego to previous topicgo to next topicgo to back
  已读帖子
  新的帖子
  被删除的帖子
Jump to the top of page

   Powered by Jute Powerful Forum® Version Jute 1.5.6 Ent
Copyright © 2002-2021 Cjsdn Team. All Righits Reserved. 闽ICP备05005120号-1
客服电话 18559299278    客服信箱 714923@qq.com    客服QQ 714923