avalon-phoenix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pomfret, Nick (SQ)" <pom...@bp.com>
Subject security policy question
Date Fri, 29 Nov 2002 10:25:37 GMT
We are trying to prevent a 3rd party jar file from calling System.exit in
our Phoenix application.


In order to achieve this, we tried modifying the policy grants in
environment.xml in order to generate some security exceptions.  We were
unable to stop all permissions being grated to our application.  For
example:

<policy>
        <grant code-base="sar:SAR-INF/lib/*">
            <permission class="java.io.FilePermission"
                    target="${app.home}/*"
                    actions="read,write" />
        </grant>
</policy>

This allowed sockets to be created, something I would have though would only
be possible if SocketPermission was granted.

How do I revoke permissions (RuntimePermission in particular) for a
particular jar file?

Nick Pomfret

--
To unsubscribe, e-mail:   <mailto:avalon-phoenix-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:avalon-phoenix-dev-help@jakarta.apache.org>


Mime
View raw message