Date: Tue, 11 Aug 1998 12:20:35 -0400 (EDT)
From: Robert Watson <rwatson@tis.com>
To: java-security@java.sun.com
Subject: jdk1.2beta3/4 changes in codeBase interpretation for permissions
This email is with regards to a change moving from jdk1.2beta3 to jdk1.2beta4.
Under 1.2beta3, we were able to specify permissions to apply to locally loaded
code by using the "file:/" codebase in the Java policy file. Under
jdk1.2beta4, however, this no longer appears to work. Here is some source
code and some sample policy files:
::::::::::::::
test-policy-1
::::::::::::::
grant {
// permission java.security.AllPermission;
};
::::::::::::::
test-policy-2
::::::::::::::
grant {
permission java.security.AllPermission;
};
::::::::::::::
test-policy-3
::::::::::::::
grant codeBase "file:/" {
permission java.security.AllPermission;
};
The first policy file grants no permissions beyond those allowed in the system-
wide policy file. The second grants AllPermission to all code running in
the jvm. The third grants AllPermission to only code loaded from codeBase
file:/.
The test program simply checks the current context for AllPermission:
import java.security.*;
public class test {
public static void main(String argv[]) {
AllPermission a = new AllPermission();
AccessController.checkPermission(a);
System.out.println("test ran OK");
}
}
Under both jdk1.2beta3 and jdk1.2beta4, the test program is run using each
of the policy files.
1.2beta3:
% javac test.java
% java -new -Djava.security.manager -usepolicy:test-policy-1 test
java.security.AccessControlException: access denied (java.security.AllPermission <all permissions> <all actions>)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:155)
at java.security.AccessController.checkPermission(AccessController.java:279)
at test.main(test.java:7)
% java -new -Djava.security.manager -usepolicy:test-policy-2 test
test ran OK
% java -new -Djava.security.manager -usepolicy:test-policy-3 test
test ran OK
1.2beta4:
% javac test.java
% java -Djava.security.manager -Djava.security.policy=test-policy-1 test
Exception in thread "main" java.security.AccessControlException: access denied (java.security.AllPermission <all permissions> <all actions>)
at java.security.AccessControlContext.checkPermission(Compiled Code)
at java.security.AccessController.checkPermission(Compiled Code)
at test.main(Compiled Code)
% java -Djava.security.manager -Djava.security.policy=test-policy-2 test
test ran OK
% java -Djava.security.manager -Djava.security.policy=test-policy-3 test
Exception in thread "main" java.security.AccessControlException: access denied (java.security.AllPermission <all permissions> <all actions>)
at java.security.AccessControlContext.checkPermission(Compiled Code)
at java.security.AccessController.checkPermission(Compiled Code)
at test.main(Compiled Code)
(this is also tested with -Djava.security.policy==test-policy-*)
Under 1.2beta4, the final test (where the policy file provided AllPermission
to "file:/" codeBase) fails where under 1.2beta3 it succeeded.
How can we apply permissions to local code loaded by the default class
loader? This feature under beta3 was extremely useful in providing
privileges to local code but not to remote code.