Restricting access based on class.
0 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   Sathya_Sekar
Posted On:   Wednesday, December 17, 2003 11:12 AM

Hello, Ourt application consists of a thin Java layer running over a database into which custom Java packages are saved. Based on the client requests, the relevant Java packages are retrieved, parsed and the required classes are loaded in by our custom class-loader. Obviously, this means that the custom program could do something malicious - like deleting files from my the file system, connecting to the database and corrupting the data etc. So we want to restrict access on the file system and database to the custom classes. But at the same time, our own classes should be able to write and read from the file system freely. I know that there is something we can do with the AccessController or Secu   More>>

Hello,


Ourt application consists of a thin Java layer running over a database into which custom Java packages are saved. Based on the client requests, the relevant Java packages are retrieved, parsed and the required classes are loaded in by our custom class-loader.



Obviously, this means that the custom program could do something malicious - like deleting files from my the file system, connecting to the database and corrupting the data etc. So we want to restrict access on the file system and database to the custom classes. But at the same time, our own classes should be able to write and read from the file system freely.



I know that there is something we can do with the AccessController or SecurityManager - but well, I just could not understand from the documentation how to set permissions at a more granular level as is required by us (for example, allow all "java.* and com.mypackage.*" packages to read/write from system but no one else should be able to access the file system).



Any inputs on this would be most welcome. Any links to easy understanding of this ?


Thanks,

Sathya    <<Less
About | Sitemap | Contact