In the event one wants to use a wide open security policy on the client side of an RMI program, it is recommended that the policy be made specific to the directory containing RMI code. Is it always possible to do so?

Avi Kak

Yes, but with a big qualification, as explained below.

During the initial phases of RMI code development, it is not uncommon for programmers to use the can-do-anything-it-wants policy on the client side, as given by


  grant {
    permission java.security.Allpermissions;
  };

But this is obviously unsafe. A recommended alternative is to make this wide-open policy specific to the directory containing the RMI code on the client side:

  grant codebase "file:/RMI5.d/" {
    permission java.security.Allpermissions;
  };

where the directory RMI5.d contains the client side RMI code. But a problem with this policy declaration is that the can-do-anything-it-wants applies only to the code in the RMI5.d directory. It does not apply to any classes the client might download from a remote site. So if your client is engaged in dynamic loading of classes, the above directory-specific wide-open policy will not work because the downloaded code would still get sandboxed.

If you must use a wide open policy for convenience and your RMI application is doing dynamic loading of classes, you'd need to add another declaration to your client-side policy file, the additional declaration would mention the source of the downloaded code. For example, if for the sake of demonstration I wanted to use a wide-open policy for running the the bootstrap loading example of the jGuru RMI tutorial, I'd change the following statement from main() of the RMIClientLoader.java file


    System.setSecurityManager(  
      new RMIClientBootstrapSecurityManager());

to

    System.setSecurityManager(  
      new RMISecurityManager());

and then use the following policy file on the client side

//////   client file: policy   //////

  grant codebase "file:/RMI5.d/" {
    permission java.security.AllPermission;
  };
  grant codebase "http://rvl4.ecn.purdue.edu/"  {
    permission java.security.AllPermission;
  };

where the first "grant" gives the can-do-anything-it-wants privileges to the client-side RMI code in the directory "RMI5.d" and where the second "grant" gives the same privileges to the code downloaded from the HTTP service provided by rvl4.ecn.purdue.edu. You can put this policy file into effect by using the following runclient.bat:

//////  client file:  runclient.bat  //////

  java -Djava.security.policy=/RMI5.d/policy -Djava.rmi.server.codebase=http://rvl4.ecn.purdue.edu:2002/ RMIClientLoader

where you'd need to make obvious substitutions for the strings "RMI5.d" and "rvl4.ecn.purdue.edu".
0 Comments  (click to add your comment)
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

About | Sitemap | Contact