How do I use the security manager to grant permissions for the servlet to call the java.lang.Runtime.exec() method to run a native application on the server?

Jeff Williams

On most app servers, the sandbox is not enabled, so all you have to do is call Runtime.exec().

You must be VERY careful about checking the parameters -- especially if they were derived from the HTTP request. Remember RULE #1 for web app programming is "NEVER trust the HTTP request." A hacker can manipulate all the headers, parameters, form data, hidden fields, etc. Client-side checking (JavaScript) is meaningless to security.

If you have enabled the sandbox on your server, then you simply have to have a Policy file that grants exec permission on that file. See Security Permissions for a great description of the permissions and their risks.

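// Grant to code in foobar directory
grant codeBase "file:/foobar/-" {
    // FilePermission's action name is "execute"; this allows reading and running only this one file
    permission java.io.FilePermission "${/}bin${/}myapplication", "read,execute";
};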

You also want to be very sure about the native app you are calling with exec. If it hangs and you are blocked reading from the child, you're toast. I wrote a framework that starts a separate monitoring thread and calls child.destroy() if the timeout is reached. Good luck!
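
The two precautions above (validate request-derived parameters, and never let a hung child block the servlet) as an added example; it is not part of the original answer and is not the framework the answer mentions. The class name `SafeExec`, the allowlist pattern and the 10-second limit are assumptions, and `Process.waitFor(long, TimeUnit)` requires Java 8 or later.

```java
import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;

public class SafeExec {
    // Fixed executable: the same file the policy entry grants "execute" on.
    private static final String APP = "/bin/myapplication";
    // Assumed allowlist for the single request-derived argument:
    // no spaces, slashes, quotes or leading '-' can get through.
    private static final Pattern SAFE_ARG = Pattern.compile("[A-Za-z0-9_]{1,64}");
    private static final long TIMEOUT_SECONDS = 10; // assumed limit

    /** Runs APP with one validated argument and returns its combined output. */
    public static String run(String requestParam)
            throws IOException, InterruptedException {
        // Reject anything outside the allowlist rather than trying to escape it.
        if (requestParam == null || !SAFE_ARG.matcher(requestParam).matches()) {
            throw new IllegalArgumentException("rejected parameter");
        }
        File out = File.createTempFile("exec", ".out");
        try {
            // Argument-list form: the value is passed as one argv entry, no shell parses it.
            ProcessBuilder pb = new ProcessBuilder(APP, requestParam);
            pb.redirectErrorStream(true);
            pb.redirectOutput(out);          // child writes to a file, so no pipe read can block
            Process child = pb.start();
            child.getOutputStream().close(); // child sees EOF on stdin
            if (!child.waitFor(TIMEOUT_SECONDS, TimeUnit.SECONDS)) {
                // Hung child: kill it and give it a bounded time to exit.
                child.destroyForcibly().waitFor(5, TimeUnit.SECONDS);
                throw new IOException("child timed out");
            }
            if (child.exitValue() != 0) {
                throw new IOException("child exited with " + child.exitValue());
            }
            return new String(Files.readAllBytes(out.toPath()), StandardCharsets.UTF_8);
        } finally {
            out.delete();
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println(run(args.length > 0 ? args[0] : "report1"));
    }
}
```

With the sandbox enabled, this code also needs a FilePermission covering the temporary output file, in addition to the execute grant shown in the policy entry.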