Java Reference
In-Depth Information
overriding version of the checkDelete() method could examine the file name
and path to determine if a deletion should be permitted.
This approach to security, however, requires hard-coding and is very clumsy
considering the large number of different types of system access operations now
available to Java programs. With Java 1.2 a much more flexible permissions-based
security system was introduced. In this approach, a security policy file, which is
a text file and therefore easily modifiable, is checked by the security manager
to determine if particular actions can be granted. Anything that isn't explicitly
granted is forbidden.
For example, suppose the policy file myRules.policy contains the entry
grant codeBase "file:C:/Java/apps/" {
  permission java.io.FilePermission "*.tmp", "delete";
};
This policy specification allows the application to delete those files in the
directory C:\Java\apps\ that end with the .tmp suffix but no others. We discuss
the policy file and permissions in more detail in Section 14.5.3.
With this new security design, an application specifies the security manager
parameters from the command line using the -D option rather than in program
code:
c:> java -Djava.security.manager -Djava.security.policy=myRules.policy MyApp
This approach to configuring the security for access to the system provides
for much greater flexibility and clarity than customizing a SecurityManager
subclass that must be recompiled after every modification.
14.5.2 Policy file for the server
We use our MicroServer to illustrate how to set up the security permissions
for file access. Without these changes, there are no protections that prevent the
client from requesting any file on the system. To control access to files, we create
the policy file microServer.policy in which we put the following code:
grant codeBase "file:C:/Java/MicroServer/Secure/"
{
permission java.net.SocketPermission "localhost:1024-",
"accept,connect,listen";
permission java.io.FilePermission "/-", "read";
};
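The following is an added example, not code from the book: it builds the two permissions of this grant entry in a java.security.Permissions collection and uses implies() to show which requests they cover, so it runs without installing a security manager. The class name and the sample request targets (index.html, /etc/passwd, ports 2222 and 80) are assumptions chosen for illustration.

```java
import java.io.FilePermission;
import java.net.SocketPermission;
import java.security.Permission;
import java.security.Permissions;

public class MicroServerPolicyCheck {
    public static void main(String[] args) {
        // The two permissions from the microServer.policy grant entry.
        Permissions granted = new Permissions();
        granted.add(new SocketPermission("localhost:1024-", "accept,connect,listen"));
        granted.add(new FilePermission("/-", "read"));

        // Constructed sample requests; the file names and port numbers are
        // illustrative and do not come from the text.
        Permission[] requests = {
            new SocketPermission("localhost:2222", "listen"),   // port inside 1024-
            new SocketPermission("localhost:80", "listen"),     // port below 1024
            new FilePermission("/Java/MicroServer/Secure/index.html", "read"),
            new FilePermission("/etc/passwd", "read"),          // outside the server directory
            new FilePermission("/Java/MicroServer/Secure/index.html", "write"),
            new FilePermission("/Java/MicroServer/Secure/index.html", "delete"),
        };

        // implies() is the same test the permission check applies to a request.
        for (Permission request : requests) {
            String verdict = granted.implies(request) ? "granted  " : "forbidden";
            System.out.println(verdict + "  " + request);
        }
    }
}
```

The path "/-" matches the whole file tree recursively, so the read entry is not limited to the server's own directory; the actions list is what keeps write and delete out of the grant.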
The server must access sockets and, since this is an external resource, a permission
statement is required. So in the above grant statement, we permit the program to
listen for, accept, and connect with any socket on a port numbered 1024 and