dcsimg
How do i grant a privilege to code using doPrivileged method?
0 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   Sarah_AL
Posted On:   Monday, June 30, 2008 11:17 AM

Hello! I'm having difficulty understanding how the doPrivileged() method works! If i have an Admin and a user codes, and the admin can delete a file where as the user cant! Furthermore, the delete code in the admin is marked privileged... now if the user is attempting to make a call to the admin code in order to delete a file, then what will stop the user from doing so!? knowing that the check algorithm will stop at the admin's code without checking the caller's privileges!? does the security in this case depend on the programmer not to make such mistake of granting the delete method a privileged sign? Thanks :confused:    More>>

Hello!

I'm having difficulty understanding how the doPrivileged() method works!

If i have an Admin and a user codes, and the admin can delete a file where as the user cant! Furthermore, the delete code in the admin is marked privileged...

now if the user is attempting to make a call to the admin code in order to delete a file, then what will stop the user from doing so!? knowing that the check algorithm will stop at the admin's code without checking the caller's privileges!?

does the security in this case depend on the programmer not to make such mistake of granting the delete method a privileged sign?

Thanks :confused:

   <<Less
About | Sitemap | Contact