Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / Security / November 2004

Tip: Looking for answers? Try searching our database.

Checking whether user has access to file/folder

Thread view: 
Enable EMail AlertsStart New Thread
AM - 29 Nov 2004 23:07 GMT
Hi,

I was wondering hwo to go about making sure that a user has access to
read or write to a folder/file on the local/network file system given
just the path from Java. I have a simple test program:

import java.io.*;
import java.lang.*;

public class FileCheck {
 public static void main(String[] args) {
   if (args.length < 1) {
     System.out.println("Please provide the path to the file to
process.");
     return;
   }

   String filePath = args[0];
   SecurityManager sm = System.getSecurityManager();
    if (sm == null) {
      System.out.println("Whoops!! Security manager not found.");
    }
    else {
      sm.checkRead(filePath);
      sm.checkWrite(filePath);
    }
 }
}

which I run as:
java -Djava.security.manager FileCheck <<path to file/folder>>

The problem:
Read access check succeeds for any files in the folder from where I
run the app, however Write access fails everywhere and Read access
fails everywhere outside the folder from which it is run.

TraceBack:
java.security.AccessControlException: access denied
(java.io.FilePermission FileCheck.java write)
       at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
       at java.security.AccessController.checkPermission(AccessController.java:401)
       at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
       at java.lang.SecurityManager.checkWrite(SecurityManager.java:954)
       at FileCheck.main(FileCheck.java:20)

I have also tried using FilePermission:
      FilePermission fp = new FilePermission(filePath, "read");
      sm.checkPermission(fp);
      fp = new FilePermission(filePath, "write");
      sm.checkPermission(fp);
Traceback:
java.security.AccessControlException: access denied
(java.io.FilePermission FileCheck.java write)
       at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
       at java.security.AccessController.checkPermission(AccessController.java:401)
       at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
       at FileCheck.main(FileCheck.java:18)

What I would like to be able to do is is the user on that system has
the right to read/write a file system resource, irrespective of where
its run from.

Any help would be greatly appreciated.

TIA
AM
Reply to this Message
Chris - 30 Nov 2004 00:18 GMT
Chris - 30 Nov 2004 00:21 GMT
Hi AM

Check this site for Java Applets that access local file systems, it may
gib=ve you a lead.

http://www.jensign.com/JavaScience/www/index.html

All the best

Chris

> Hi,
>
[quoted text clipped - 39 lines]
:269)
>         at
java.security.AccessController.checkPermission(AccessController.java:401)
>         at
java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
>         at java.lang.SecurityManager.checkWrite(SecurityManager.java:954)
>         at FileCheck.main(FileCheck.java:20)
[quoted text clipped - 10 lines]
:269)
>         at
java.security.AccessController.checkPermission(AccessController.java:401)
>         at
java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
>         at FileCheck.main(FileCheck.java:18)
>
[quoted text clipped - 6 lines]
> TIA
> AM
Reply to this Message
Almut Herzog - 30 Nov 2004 08:01 GMT
> Hi,
>
[quoted text clipped - 4 lines]
> import java.io.*;
> import java.lang.*;

By default, your application when run under a security manager has
access to files in the directory from which the app is run. That makes
sense because otherwise your app would not even be allowed to start.

If you want to read/write elsewhere in the file system you need to
give permissions to your code in a policy file. If you want to go
there, you should put your code in a jar file (give it a package name
also!) and then make a policy file MyPolicyFile.txt like

grant "file:/this/is/my/code.jar" {
permission java.io.FilePermission "/tmp/a", "read,write";
}

run your code with something like:
java -Djava.security.manager
-Djava.security.policy=/tmp/MyPolicyFile.txt -classpath
/this/is/my/code.jar mypackagename.FileCheck /tmp/a

Hope that helps.
Reply to this Message
AM - 30 Nov 2004 16:48 GMT
> By default, your application when run under a security manager has
> access to files in the directory from which the app is run. That makes
[quoted text clipped - 15 lines]
>
> Hope that helps.

Thanks so much for clarifying, wonder why I couldnt find that solution
on the web. Thanks to Chris too for pointing me to the resource.
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.