Examples of FilePermission

java.io.FilePermission
This class represents access to a file or directory. A FilePermission consists of a pathname and a set of actions valid for that pathname.
Pathname is the pathname of the file or directory granted the specified actions. A pathname that ends in "/*" (where "/" is the file separator character, File.separatorChar) indicates all the files and directories contained in that directory. A pathname that ends with "/-" indicates (recursively) all files and subdirectories contained in that directory. A pathname consisting of the special token "<<ALL FILES>>" matches any file.
Note: A pathname consisting of a single "*" indicates all the files in the current directory, while a pathname consisting of a single "-" indicates all the files in the current directory and (recursively) all files and subdirectories contained in the current directory.
The actions to be granted are passed to the constructor in a string containing a list of one or more comma-separated keywords. The possible keywords are "read", "write", "execute", and "delete". Their meaning is defined as follows:

read
read permission
write
write permission
execute
execute permission. Allows Runtime.exec to be called. Corresponds to SecurityManager.checkExec.
delete
delete permission. Allows File.delete to be called. Corresponds to SecurityManager.checkDelete.

The actions string is converted to lowercase before processing.
Be careful when granting FilePermissions. Think about the implications of granting read and especially write access to various files and directories. The "<<ALL FILES>>" permission with write action is especially dangerous. This grants permission to write to the entire file system. One thing this effectively allows is replacement of the system binary, including the JVM runtime environment.
Please note: Code can always read a file from the same directory it's in (or a subdirectory of that directory); it does not need explicit permission to do so. @see java.security.Permission @see java.security.Permissions @see java.security.PermissionCollection @version 1.80 05/11/17 @author Marianne Mueller @author Roland Schemers @since 1.2 @serial exclude
org.nasutekds.server.types.FilePermission
This class provides a mechanism for setting file permissions in a more abstract manner than is provided by the underlying operating system and/or filesystem. It uses a traditional UNIX-style rwx/ugo representation for the permissions and converts them as necessary to the scheme used by the underlying platform. It does not provide any mechanism for getting file permissions, nor does it provide any way of dealing with file ownership or ACLs.

Note that the mechanism used to perform this work on UNIX systems is based on executing the chmod command on the underlying system. This should be a safe operation because the Directory Server startup scripts should explicitly specify the PATH that should be used. Nevertheless, it is possible to prevent the server from using the Runtime.exec method by setting the org.nasutekds.server.DisableExec system property with a value of "true".

Examples of java.io.FilePermission

   //*-- create the Linux script
   if (Constants.OSNAME.endsWith("x"))
   { 
    String tfile = outfile + ".sh";
    fos = new FileOutputStream(new File(tfile));
    new FilePermission(tfile, permissions);
    pw = new PrintWriter(fos);
    pw.println("#!/bin/sh");
    pw.println("#*-- Generated Linux script to run antiword");
    pw.println("export HOME=\"" + Constants.ANTIWORDDIR + "\"");
    pw.println("cd $HOME");
    pw.println("antiword \"" + ifile + "\""); 
   }
   //*-- create the windows script
   else
   { 
    String tfile = outfile + ".bat";
    fos = new FileOutputStream(new File(tfile));
    new FilePermission(tfile, permissions);
    pw = new PrintWriter(fos);
    pw.println("@ECHO OFF");
    pw.println("REM *-- Generated Windows script to run antiword");
    pw.println("set HOME=" + Constants.ANTIWORDDIR);
    pw.println("set PATH=" + Constants.CYGWINDIR + ";%PATH%");

View Full Code Here

Examples of java.io.FilePermission

    //*-- create the Linux script
    if (Constants.OSNAME.endsWith("x"))
    { 
     String tfile = outfile + ".sh";
     fos = new FileOutputStream(new File(tfile));
     new FilePermission(tfile, permissions);
     pw = new PrintWriter(fos);
     pw.println("#!/bin/sh");
     pw.println("#*-- Generated Linux script to run detex");
     pw.println("export HOME=\"" + Constants.DETEXDIR + "\"");
     pw.println("cd $HOME");
     pw.println("detex \"" + ifile + "\"");
    }
    //*-- create the windows script
    else
    { 
     String tfile = outfile + ".bat";
     fos = new FileOutputStream(new File(tfile));
     new FilePermission(tfile, permissions);
     pw = new PrintWriter(fos);
     pw.println("@ECHO OFF");
     pw.println("REM *-- Generated Windows script to run detex");
     pw.println("set HOME=" + Constants.DETEXDIR);
     pw.println("set PATH=" + Constants.CYGWINDIR + ";%PATH%");

View Full Code Here

Examples of java.io.FilePermission

 {
  PrintWriter pw = null; FileOutputStream fos = null;
  try
  {
   fos = new FileOutputStream(new File(filename));
   new FilePermission(filename, "read,execute");
   pw = new PrintWriter(fos);
   pw.println(runOutput);    
  }
  catch (IOException ie) 
  { logger.error("Could not create file" + ie.getMessage()); }

View Full Code Here

Examples of java.io.FilePermission

            (File) servletContext.getAttribute(ServletContext.TEMPDIR);
        if (workDir != null) {
            try {
                String workDirPath = workDir.getCanonicalPath();
                classLoader.addPermission
                    (new FilePermission(workDirPath, "read,write"));
                classLoader.addPermission
                    (new FilePermission(workDirPath + File.separator + "-",
                                        "read,write,delete"));
            } catch (IOException e) {
                // Ignore
            }
        }

View Full Code Here

Examples of java.io.FilePermission

                            url.toExternalForm()));
                    return;
                }
                if (f.isFile()) {
                    // Allow the file to be read
                    addPermission(new FilePermission(path, "read"));
                } else if (f.isDirectory()) {
                    addPermission(new FilePermission(path, "read"));
                    addPermission(new FilePermission(
                            path + File.separator + "-", "read"));
                } else {
                    // File does not exist - ignore (shouldn't happen)
                }
            } else {

View Full Code Here

Examples of java.io.FilePermission

                permissions = policy.getPermissions(source);


                // Create a file read permission for web app context directory
                if (!docBase.endsWith(File.separator)){
                    permissions.add
                        (new FilePermission(docBase,"read"));
                    docBase = docBase + File.separator;
                } else {
                    permissions.add
                        (new FilePermission
                            (docBase.substring(0,docBase.length() - 1),"read"));
                }
                docBase = docBase + "-";
                permissions.add(new FilePermission(docBase,"read"));


                // Spec says apps should have read/write for their temp
                // directory. This is fine, as no security sensitive files, at
                // least any that the app doesn't have full control of anyway,
                // will be written here.
                String workDir = options.getScratchDir().toString();
                if (!workDir.endsWith(File.separator)){
                    permissions.add
                        (new FilePermission(workDir,"read,write"));
                    workDir = workDir + File.separator;
                }
                workDir = workDir + "-";
                permissions.add(new FilePermission(
                        workDir,"read,write,delete"));


                // Allow the JSP to access org.apache.jasper.runtime.HttpJspBase
                permissions.add( new RuntimePermission(
                    "accessClassInPackage.org.apache.jasper.runtime") );


                if (parentClassLoader instanceof URLClassLoader) {
                    URL [] urls = ((URLClassLoader)parentClassLoader).getURLs();
                    String jarUrl = null;
                    String jndiUrl = null;
                    for (int i=0; i<urls.length; i++) {
                        if (jndiUrl == null
                                && urls[i].toString().startsWith("jndi:") ) {
                            jndiUrl = urls[i].toString() + "-";
                        }
                        if (jarUrl == null
                                && urls[i].toString().startsWith("jar:jndi:")
                                ) {
                            jarUrl = urls[i].toString();
                            jarUrl = jarUrl.substring(0,jarUrl.length() - 2);
                            jarUrl = jarUrl.substring(0,
                                     jarUrl.lastIndexOf('/')) + "/-";
                        }
                    }
                    if (jarUrl != null) {
                        permissions.add(
                                new FilePermission(jarUrl,"read"));
                        permissions.add(
                                new FilePermission(jarUrl.substring(4),"read"));
                    }
                    if (jndiUrl != null)
                        permissions.add(
                                new FilePermission(jndiUrl,"read") );
                }
            } catch(Exception e) {
                context.log("Security Init for context failed",e);
            }
        }

View Full Code Here

Examples of java.io.FilePermission

                permissionCollection = policy.getPermissions(codeSource);


                // Create a file read permission for web app context directory
                if (!docBase.endsWith(File.separator)){
                    permissionCollection.add
                        (new FilePermission(docBase,"read"));
                    docBase = docBase + File.separator;
                } else {
                    permissionCollection.add
                        (new FilePermission
                            (docBase.substring(0,docBase.length() - 1),"read"));
                }
                docBase = docBase + "-";
                permissionCollection.add(new FilePermission(docBase,"read"));


                // Create a file read permission for web app tempdir (work)
                // directory
                String workDir = options.getScratchDir().toString();
                if (!workDir.endsWith(File.separator)){
                    permissionCollection.add
                        (new FilePermission(workDir,"read"));
                    workDir = workDir + File.separator;
                }
                workDir = workDir + "-";
                permissionCollection.add(new FilePermission(workDir,"read"));


                // Allow the JSP to access org.apache.sling.scripting.jsp.jasper.runtime.HttpJspBase
                permissionCollection.add( new RuntimePermission(
                    "accessClassInPackage.org.apache.jasper.runtime") );
            } catch (final Exception e) {

View Full Code Here

Examples of java.io.FilePermission

                }
                permission = new JndiPermission(path + "*");
                addPermission(permission);
            } else {
                if (!path.endsWith(File.separator)) {
                    permission = new FilePermission(path, "read");
                    addPermission(permission);
                    path = path + File.separator;
                }
                permission = new FilePermission(path + "-", "read");
                addPermission(permission);
            }
        }
    }

View Full Code Here

Examples of java.io.FilePermission

    String osArch = System.getProperty("os.arch");


    // The fix of 4531469
    if ((osName.equals("Solaris") || osName.equals("SunOS")) &&
        osArch.equals("sparc")) {
        FilePermission fp =
      new FilePermission("/usr/bin/uname","execute");
        securityManager.checkPermission(fp);
    }
            }


            Boolean result = (Boolean)

View Full Code Here

Examples of java.io.FilePermission

        if (__userURL.toString().endsWith("/modules/jetty/") ||
            __userURL.toString().endsWith("/modules/jetty"))
        {
            __userURL=new URL(__userURL.toString()+
                              "src/test/java/org/mortbay/resource/");
            FilePermission perm = (FilePermission)
                __userURL.openConnection().getPermission();
            __userDir=new File(perm.getName()).getCanonicalPath()+File.separatorChar;
            __relDir="src/test/java/org/mortbay/resource/"
                .replace('/',File.separatorChar);
        }
        else
        {
            __userURL=new URL(__userURL.toString()+
                              "modules/jetty/src/test/java/org/mortbay/resource/");
            FilePermission perm = (FilePermission)
                __userURL.openConnection().getPermission();
            __userDir=new File(perm.getName()).getCanonicalPath()+File.separatorChar;
            __relDir="modules/jetty/src/test/java/org/mortbay/resource/"
                .replace('/',File.separatorChar);
        }
        
        System.err.println("User Dir="+__userDir);

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.