Java/Security/Grant — различия между версиями
Admin (обсуждение | вклад) м (1 версия) |
|
(нет различий)
|
Текущая версия на 06:48, 1 июня 2010
Содержание
- 1 grant ability to create and write c:\temp\myfile
- 2 grant ability to delete any file or directory in c:\temp\mydir
- 3 grant ability to execute (see Runtime.exec()) the file c:\java.exe
- 4 grant ability to list files in the user"s home directory
- 5 grant ability to read all properties that start with "myprops."
- 6 grant ability to read all system properties
- 7 grant ability to read and write all system properties
- 8 grant ability to read and write any file in current directory
- 9 grant ability to read and write the "myprop" system properties
- 10 grant ability to read any file
- 11 grant ability to read any file or directory under c:\temp
- 12 grant ability to read any file under current directory
- 13 grant ability to write all system properties
- 14 grant ability to write the "myprop" system properties
- 15 grant all classes loaded from h1.com ability to read \temp\myfile
- 16 grant all classes loaded from h1.com ability to read the "myprop" system properties
- 17 Policy File: Give permission to execute all runtime-protected methods
- 18 Policy File: Give permission to read all system properties
- 19 Policy File: Use policytool to create or edit an existing policy file
grant ability to create and write c:\temp\myfile
grant codeBase "http://127.0.0.1/-" {
permission java.io.FilePermission "c:\\temp\\myfile", "write";
};
grant ability to delete any file or directory in c:\temp\mydir
grant codeBase "http://127.0.0.1/*" {
permission java.io.FilePermission "c:\\temp\\mydir\*", "delete";
};
grant ability to execute (see Runtime.exec()) the file c:\java.exe
grant codeBase "http://127.0.0.1/-" {
permission java.io.FilePermission "c:\\java.exe", "execute";
};
grant ability to list files in the user"s home directory
grant codeBase "http://127.0.0.1/-" {
permission java.io.FilePermission "${user.home}", "read";
};
grant ability to read all properties that start with "myprops."
grant codeBase "http://127.0.0.1/-" {
permission java.util.PropertyPermission "myprops.*", "read";
};
grant ability to read all system properties
grant codeBase "http://127.0.0.1/-" {
permission java.util.PropertyPermission "*", "read";
};
grant ability to read and write all system properties
grant codeBase "http://127.0.0.1/-" {
permission java.util.PropertyPermission "*", "read,write";
};
grant ability to read and write any file in current directory
// Note: this is equivalent to ${user.dir}/*
grant codeBase "http://127.0.0.1/-" {
permission java.io.FilePermission "*", "read,write";
};
grant ability to read and write the "myprop" system properties
grant codeBase "http://127.0.0.1/-" {
permission java.util.PropertyPermission "myprop", "read,write";
};
grant ability to read any file
grant codeBase "http://127.0.0.1/-" {
permission java.io.FilePermission "<<ALL FILES>>", "read";
};
grant ability to read any file or directory under c:\temp
grant codeBase "http://127.0.0.1/-" {
permission java.io.FilePermission "c:\\temp\\-", "read";
};
grant ability to read any file under current directory
// Note: this is equivalent to ${user.dir}/-
grant codeBase "http://127.0.0.1/-" {
permission java.io.FilePermission "-", "read";
};
grant ability to write all system properties
grant codeBase "http://127.0.0.1/-" {
permission java.util.PropertyPermission "*", "write";
};
grant ability to write the "myprop" system properties
grant codeBase "http://127.0.0.1/-" {
permission java.util.PropertyPermission "myprop", "write";
};
grant all classes loaded from h1.com ability to read \temp\myfile
grant codeBase "http://127.0.0.1/-" {
permission java.io.FilePermission "c:\\temp\\myfile", "read";
};
grant all classes loaded from h1.com ability to read the "myprop" system properties
grant codeBase "http://127.0.0.1/-" {
permission java.util.PropertyPermission "myprop", "read";
};
Policy File: Give permission to execute all runtime-protected methods
grant codeBase "file:${user.home}/*" {
// Give permission to execute all runtime-protected methods
permission java.lang.RuntimePermission "*";
};
Policy File: Give permission to read all system properties
grant codeBase "http://java.sun.ru/-" {
// Give permission to read all system properties
permission java.util.PropertyPermission "*", "read";
};
Policy File: Use policytool to create or edit an existing policy file
c:\jdk\policytool -file .policy
keystore ".keystore";
grant signedBy "yourName" {
permission java.io.FilePermission "${user.dir}/-", "read";
};
grant codeBase "http://someserver/myjar.jar" {
permission java.util.PropertyPermission "file.encoding", "read";
}