Java Forum / General / March 2007


Changing Java Security Policy

CalAmity! - 23 Mar 2007 12:50 GMT
Hi all,

I have a question.
Can we change the java security policy once I have started executing
java code.
Or simply put - Can I change the security policy from within a java
program  ??

Thanks,
Amit
Tom Hawtin - 23 Mar 2007 13:15 GMT
> Can we change the java security policy once I have started executing
> java code.
> Or simply put - Can I change the security policy from within a java
> program  ??

Yes...

... but you require the relevant security permissions to do it.

Java Security is a non-trivial subject.

Tom Hawtin
CalAmity! - 23 Mar 2007 13:22 GMT
> > Can we change the java security policy once I have started executing
> > java code.
[quoted text clipped - 8 lines]
>
> Tom Hawtin

How ?? Can you please elaborate.
Andrew Thompson - 23 Mar 2007 13:26 GMT
..
> How ?? Can you please elaborate.

Can you please fix that sticky '?' key?
(See my post for link to an SSCCE.)

Andrew T.
CalAmity! - 23 Mar 2007 13:32 GMT
> ..
>
[quoted text clipped - 4 lines]
>
> Andrew T.

Uhhh...
Ok - let me elaborate more.
Say I write a java class.
I launch the class from command-line enabling java security.
*Now* - say I wanna load a different policy for my java security
through this class while it is still executing.
Is that possible ?

Thanks in advance.
Andrew Thompson - 23 Mar 2007 13:49 GMT
..
> Ok - let me elaborate more.

Oh, you have decided to 'toss us another
morsel of your delicious question', is
that it?

<DWS>
How nice of you..
</DWS>

How about, instead of this cat and mouse
crap, you tell us.  What you are trying to
achieve for the end user?  What ability do
you wish to deliver to the end user, by
'changing' the security environment after
application start-up?

Andrew T.
CalAmity! - 23 Mar 2007 14:09 GMT
> ..
>
[quoted text clipped - 16 lines]
>
> Andrew T.

Andrew - you are such an *a.shole*.
Why don't you SHUT THE f.ck UP if you don't have a solution.

Stop enlightening us with your SILLY remarks!
Jerk!!
Joshua Cranmer - 23 Mar 2007 22:34 GMT
>> ..
>>
[quoted text clipped - 21 lines]
> Stop enlightening us with your SILLY remarks!
> Jerk!!

They're not silly: they're trying to be informative. "Java security" is
a broad topic, so asking "How do I do XXX in Java security" is often
times too vague to answer fully. By providing more forthcoming
information, the respondents to your questions are able to guide you in
a way that might be more sensibly-minded than a kludgy method by a user
who is less informed of the available APIs.

Included in the rules of good question-asking are:
@  Try to be as complete as possible.
@  Don't try and diagnose your own problem.

Finally, I should add this: there was no warrant for vehemently swearing
at Andrew. He was trying to be helpful, and you just blasted away at
him. Perhaps you might want to listen to your own remarks?
Lew - 23 Mar 2007 22:50 GMT
>> ..
>>
[quoted text clipped - 21 lines]
> Stop enlightening us with your SILLY remarks!
> Jerk!!

How about instead of name-calling and abuse, you provide enough information
for people actually to help you?

Potty mouth.

-- Lew
Andrew Thompson - 23 Mar 2007 13:17 GMT
..
> ..Can I change the security policy from within a java
> program  ??

Here is an example of replacing the current
security manager with one that is more strict..
<http://groups.google.com/group/comp.lang.java.programmer/msg/f29ab45389d9f5f2>

HTH

Andrew T.
Tom Hawtin - 23 Mar 2007 13:24 GMT
> ..
>> ..Can I change the security policy from within a java
[quoted text clipped - 4 lines]
> <http://groups.google.com/group/comp.lang.java.programmer/msg/f29ab45389d9f5f2>

And here's an example of the opposite...

http://jroller.com/page/tackline?entry=mixed_certification_an_example
http://jroller.com/page/tackline?entry=system_setsecuritymanager_null

Tom Hawtin
Andrew Thompson - 23 Mar 2007 14:58 GMT
> > ..
> >> ..Can I change the security policy from within a java
> >> program  ??
>
> > Here is an example of replacing the current
> > security manager with one that is more strict..
...
> And here's an example of the opposite...
>
> http://jroller.com/page/tackline?entry=mixed_certification_an_example
> http://jroller.com/page/tackline?entry=system_setsecuritymanager_null

I only checked one of the URL's, but all I
saw was an *assertion*.  The assertion was
that this line of code..
 System.setSecurityManager(null);
..could be called from within an applet to
remove the security manager.

OK - lets turn that into a simple *example*.

<sscce>
import java.applet.Applet;

public class NoSecurityApplet extends Applet {
    public void init() {
        try {
            System.out.println("java.version: " +
                System.getProperty("java.version") );
            System.setSecurityManager(null); // try to drop the applet sandbox's manager
        } catch(Throwable t) {
            t.printStackTrace(); // report whatever the security manager throws
        }
    }
}
</sscce>

Both AppletViewer and IE produced similar
results, here is the output from AppletViewer.

java.version: 1.6.0
java.security.AccessControlException: access denied (java.lang.RuntimePermission setSecurityManager)
  at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
  at java.security.AccessController.checkPermission(AccessController.java:546)
  at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
  at java.lang.System.setSecurityManager0(System.java:273)
  at java.lang.System.setSecurityManager(System.java:264)
  at NoSecurityApplet.init(NoSecurityApplet.java:8)
  at sun.applet.AppletPanel.run(AppletPanel.java:417)
  at java.lang.Thread.run(Thread.java:619)

So.  I feel fairly confident in calling
that assertion 'a load of old cobblers'.
If it was a security bug in some obscure
old version of the JVM - it has apparently
been fixed* (as I would have expected).

( * Fortunately, to spare us the idiotic
games of people like this foul mouthed OP. ;)

Andrew T.
Andrew Thompson - 23 Mar 2007 15:36 GMT
> > > ..
> > >> ..Can I change the security policy from within a java
[quoted text clipped - 8 lines]
>
> I only checked one of the URL's, ..

..and the rest of this post was actually about
the *other* one (D'Oh!).  That URL was..
<http://jroller.com/page/tackline?entry=system_setsecuritymanager_null>

> ..here is the output..

..and some more, from the other two VM's
I have lying around, which can be called up
in a browser (or a close facsimile of a
browser, as the case may be).

MSVM (build 3810, AFAIU - 'Release 5.0.0.3310')
________________________________________________________
java.version: 1.1.4
java.lang.SecurityException: SecurityManager already set
  at java/lang/System.setSecurityManager
  at NoSecurityApplet.init
...

Symantec VM
________________________________________________________
Netscape Communications Corporation -- Java 1.1.5

Type '?' for options.

Symantec Java! ByteCode Compiler Version 210.065
Copyright (C) 1996-97 Symantec Corporation
java.version: 1.1.5

java.lang.SecurityException: SecurityManager already set
 at java.lang.Throwable.<init>(Compiled Code)
...

Andrew T.
Tom Hawtin - 23 Mar 2007 16:53 GMT
> I only checked one of the URL's, but all I
> saw was an *assertion*.  The assertion was
> that this line of code..
>   System.setSecurityManager(null);
> ..could be called from within an applet to
> remove the security manager.

Funnily enough, you have to sign the class (and accept the certificate).

Then non-signed code in the same JVM has full reign.

So if Alice signs a class that clears the security manager. Bob accepts
classes signed by Alice, and so drops his security. Eve produces
malicious classes that make use of Bob's lack of security.

> So.  I feel fairly confident in calling
> that assertion 'a load of old cobblers'.
> If it was a security bug in some obscure
> old version of the JVM - it has apparently
> been fixed* (as I would have expected).

It's not a bug in the JVM. It's a flaw in the signed code. Any
certificate that has ever been used to sign this sort of code must, in
my personal opinion, be revoked.

Tom Hawtin
Andrew Thompson - 23 Mar 2007 15:07 GMT
..
> http://jroller.com/page/tackline?entry=mixed_certification_an_example

But I have to admit, I do not yet understand
this one.  If the app. has already been granted
full permissions (as the example mentions), I
would expect it to be able to ..
- change security managers at any time
- edit policy files at will
- upload all your private information to a
malicious  site,
- wipe parts of your drives,
- ...

Why would it be amazing that it can have
further effects on security?

Andrew T.
Tom Hawtin - 23 Mar 2007 16:58 GMT
> But I have to admit, I do not yet understand
> this one.  If the app. has already been granted
[quoted text clipped - 9 lines]
> Why would it be amazing that it can have
> further effects on security?

If the classes granted full permission interfere with the process'
security, then other 'untrusted' classes running in the same process can
e-mail your credit card details to Eastern Europe, your porn stash to
your boss, etc.

Tom Hawtin
Andrew Thompson - 24 Mar 2007 02:59 GMT
> > ..I do not yet understand this one.  
...
> > Why would it be amazing that it can have
> > further effects on security?
[quoted text clipped - 3 lines]
> e-mail your credit card details to Eastern Europe, your porn stash to
> your boss, etc.

Thanks for clarifying.  That makes it somewhat
clearer to me.

That is not good, but OTOH, it is a relatively
specific and (I imagine) rare circumstance.
Each web start app. gets its own JVM, doesn't
it?

Andrew T.
pkriens - 25 Mar 2007 09:44 GMT
> Hi all,
>
[quoted text clipped - 3 lines]
> Or simply put - Can I change the security policy from within a java
> program  ??
Yes, you can. However, not as some suggest by changing the security
manager. That is a singleton that can be set once.

So changing the policy dynamically on the fly requires collaborating
Protection Domains, which are used by the classloaders to check the
security. Though the Policy class can be replaced to provide new
policies, this is usually a one time case only.

If you have a strong need for this, I suggest you take a look at the
OSGi Service Platform (www.osgi.org), which is built into Eclipse. In
this platform there are two different security admin services:
ConditionalPermissionAdmin and PermissionAdmin. These services allow
you to set the permissions of a bundle/jar on the fly and as many
times as you like. New permissions take effect immediately.

Kind regards,

  Peter Kriens
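As an added example that is not code from the thread, this Java program shows what the posts above describe: Peter Kriens' point that the Policy class can be replaced to supply new permissions at run time, and the permission gate Andrew's applet ran into when it called System.setSecurityManager(null). The class name, the deny-list scheme and the permission keys are my own, and it assumes Java 9 to 23 (with -Djava.security.manager=allow on Java 18 and later).

```java
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.Permission;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.util.PropertyPermission;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

// Added illustration (not code from the thread). Run on Java 9 to 23; on 18+
// pass -Djava.security.manager=allow. The SecurityManager API was removed in 24.
public class DynamicPolicyDemo {
    // Policy driven by a mutable deny-list, so the effective policy changes at run time.
    static final class DenyListPolicy extends Policy {
        private final Set<String> denied = ConcurrentHashMap.newKeySet();
        void deny(String key)  { denied.add(key); }    // e.g. "RuntimePermission:setSecurityManager"
        void allow(String key) { denied.remove(key); }
        @Override public boolean implies(ProtectionDomain d, Permission p) {
            // Every domain gets everything except what is currently denied.
            return !denied.contains(p.getClass().getSimpleName() + ":" + p.getName());
        }
    }

    // True if the calling code may read the user.home system property right now.
    static boolean canReadUserHome() {
        try {
            AccessController.checkPermission(new PropertyPermission("user.home", "read"));
            return true;
        } catch (AccessControlException e) { return false; }
    }

    // Same call as the applet in the thread: succeeds only if the policy grants
    // RuntimePermission "setSecurityManager" to the calling code.
    static boolean tryClearSecurityManager() {
        try { System.setSecurityManager(null); return true; }
        catch (AccessControlException e) { return false; }
    }
    public static void main(String[] args) {
        DenyListPolicy policy = new DenyListPolicy();
        policy.deny("PropertyPermission:user.home");
        policy.deny("RuntimePermission:setSecurityManager");
        Policy.setPolicy(policy);                         // unchecked: no manager installed yet
        System.setSecurityManager(new SecurityManager());
        System.out.println("read user.home: " + canReadUserHome());
        System.out.println("clear manager:  " + tryClearSecurityManager());
        policy.allow("PropertyPermission:user.home");     // policy changed while running
        System.out.println("read user.home: " + canReadUserHome());
        policy.allow("RuntimePermission:setSecurityManager");
        System.out.println("clear manager:  " + tryClearSecurityManager());
    }
}
```

The first two checks print false and the last two true; the refused clear fails with the same AccessControlException for RuntimePermission setSecurityManager that the applet output above shows.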


©2009 Advenet LLC