Java/Security/Grant

Материал из Java эксперт
Перейти к: навигация, поиск

grant ability to create and write c:\temp\myfile

 
    grant codeBase "http://127.0.0.1/-" {
        permission java.io.FilePermission "c:\\temp\\myfile", "write";
    };





grant ability to delete any file or directory in c:\temp\mydir

 
    grant codeBase "http://127.0.0.1/*" {
        permission java.io.FilePermission "c:\\temp\\mydir\*", "delete";
    };





grant ability to execute (see Runtime.exec()) the file c:\java.exe

 
    grant codeBase "http://127.0.0.1/-" {
        permission java.io.FilePermission "c:\\java.exe", "execute";
    };





grant ability to list files in the user"s home directory

 
    grant codeBase "http://127.0.0.1/-" {
        permission java.io.FilePermission "${user.home}", "read";
    };





grant ability to read all properties that start with "myprops."

 
    grant codeBase "http://127.0.0.1/-" {
        permission java.util.PropertyPermission "myprops.*", "read";
    };





grant ability to read all system properties

 
    grant codeBase "http://127.0.0.1/-" {
        permission java.util.PropertyPermission "*", "read";
    };





grant ability to read and write all system properties

 
    grant codeBase "http://127.0.0.1/-" {
        permission java.util.PropertyPermission "*", "read,write";
    };





grant ability to read and write any file in current directory

 
    // Note: this is equivalent to ${user.dir}/*
    grant codeBase "http://127.0.0.1/-" {
        permission java.io.FilePermission "*", "read,write";
    };





grant ability to read and write the "myprop" system properties

 
    grant codeBase "http://127.0.0.1/-" {
        permission java.util.PropertyPermission "myprop", "read,write";
    };





grant ability to read any file

 
    grant codeBase "http://127.0.0.1/-" {
        permission java.io.FilePermission "<<ALL FILES>>", "read";
    };





grant ability to read any file or directory under c:\temp

 
    grant codeBase "http://127.0.0.1/-" {
        permission java.io.FilePermission "c:\\temp\\-", "read";
    };





grant ability to read any file under current directory

 
    // Note: this is equivalent to ${user.dir}/-
    grant codeBase "http://127.0.0.1/-" {
        permission java.io.FilePermission "-", "read";
    };





grant ability to write all system properties

 
    grant codeBase "http://127.0.0.1/-" {
        permission java.util.PropertyPermission "*", "write";
    };





grant ability to write the "myprop" system properties

 
    grant codeBase "http://127.0.0.1/-" {
        permission java.util.PropertyPermission "myprop", "write";
    };





grant all classes loaded from h1.com ability to read \temp\myfile

 
    grant codeBase "http://127.0.0.1/-" {
        permission java.io.FilePermission "c:\\temp\\myfile", "read";
    };





grant all classes loaded from h1.com ability to read the "myprop" system properties

 
    grant codeBase "http://127.0.0.1/-" {
        permission java.util.PropertyPermission "myprop", "read";
    };





Policy File: Give permission to execute all runtime-protected methods

 
    grant codeBase "file:${user.home}/*" {
        // Give permission to execute all runtime-protected methods
        permission java.lang.RuntimePermission "*";
    };





Policy File: Give permission to read all system properties

 
    grant codeBase "http://java.sun.ru/-" {
        // Give permission to read all system properties
        permission java.util.PropertyPermission "*", "read";
    };





Policy File: Use policytool to create or edit an existing policy file

 
c:\jdk\policytool -file .policy
    
    keystore ".keystore";
    grant signedBy "yourName"  {
          permission java.io.FilePermission "${user.dir}/-", "read";
    };
    grant codeBase "http://someserver/myjar.jar" {
        permission java.util.PropertyPermission "file.encoding", "read";
    }


Источник — «http://jexp.ru/index.php?title=Java/Security/Grant&oldid=7615»