overriding version of the checkDelete() method could examine the file name and path to determine if a deletion should be permitted.
This approach to security, however, requires hard-coding and is very clumsy considering the large number of different types of system access operations now available to Java programs. With Java 1.2 a much more flexible permissions-based security system was introduced. In this approach, a security policy file, which is a text file and therefore easily modifiable, is checked by the security manager to determine if particular actions can be granted. Anything that isn't explicitly granted is forbidden.
For example, suppose the policy file myRules.policy contains the entry
grant codeBase "file:C:/Java/apps/" {
permission java.io.FilePermission "*.tmp", "delete";
};
This policy specification allows the application to delete those files in the directory C:\Java\apps\ that end with the ".tmp" suffix but no others. We discuss the policy file and permissions in more detail in Section 14.5.3.
With this new security design, an application specifies the security manager parameters from the command line using the -D option rather than in program code:
c:> java -Djava.security.manager -Djava.security.policy=myRules.policy MyApp
(The command is entered as one continuous line.) This approach to configuring the security for access to the system provides for much greater flexibility and clarity than customizing a SecurityManager subclass that must be recompiled after every modification.
14.5.2 Policy file for the server
We use our MicroServer to illustrate how to set up the security permissions for file access. Without these changes, there are no protections that prevent the client from requesting any file on the system. To control access to files, we create the policy file microServer.policy in which we put the following code:
grant codeBase "file:C:/Java/MicroServer/Secure/"
{
  permission java.net.SocketPermission "localhost:1024-",
    "accept,connect,listen";
  permission java.io.FilePermission "/-", "read";
};
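What the two permission lines in this grant cover can be checked directly with Permission.implies(), the comparison that a permission check against the policy relies on. The following is an added example, not code from the book; the class name PolicyScopeCheck, the narrower /srv/microserver/pub/- grant, and the Unix-style request paths are assumptions made for illustration.

```java
import java.io.FilePermission;
import java.net.SocketPermission;
import java.security.Permission;

public class PolicyScopeCheck {
    // Reports whether a granted permission covers a requested one.
    static boolean check(Permission granted, Permission requested) {
        boolean ok = granted.implies(requested);
        System.out.printf("  %-5s %s%n", ok ? "ALLOW" : "DENY", requested);
        return ok;
    }

    public static void main(String[] args) {
        // The two permissions from microServer.policy.
        Permission sock =
            new SocketPermission("localhost:1024-", "accept,connect,listen");
        Permission allFiles = new FilePermission("/-", "read");
        // Hypothetical narrower grant: only the tree the server should serve.
        Permission docRoot =
            new FilePermission("/srv/microserver/pub/-", "read");

        // Constructed requests (assumed Unix-style absolute paths).
        String page = "/srv/microserver/pub/index.html";
        String secret = "/etc/passwd";
        String traversal = "/srv/microserver/pub/../../../etc/passwd";

        System.out.println("SocketPermission \"localhost:1024-\"");
        check(sock, new SocketPermission("localhost:8080", "listen"));
        // Port 80 lies below the granted range.
        check(sock, new SocketPermission("localhost:80", "listen"));

        System.out.println("FilePermission \"/-\", \"read\"");
        check(allFiles, new FilePermission(page, "read"));
        // A trailing "/-" matches every file below the path, recursively.
        check(allFiles, new FilePermission(secret, "read"));
        // Only "read" is granted, so other actions stay forbidden.
        check(allFiles, new FilePermission(secret, "delete"));

        System.out.println("FilePermission \"/srv/microserver/pub/-\", \"read\"");
        check(docRoot, new FilePermission(page, "read"));
        check(docRoot, new FilePermission(secret, "read"));
        // The path is resolved before comparison, so "../" does not escape.
        check(docRoot, new FilePermission(traversal, "read"));
    }
}
```

Because "/-" is rooted at the top of the file system, the read grant covers /etc/passwd as well as the served page, while the narrower grant denies both /etc/passwd and its "../" form.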
The server must access sockets and, since this is an external resource, a permission statement is required. So in the above grant statement, we permit the program to listen for, accept, and connect with any socket on a port numbered "1024" and