Java应用程序是否有获得root权限的方法? [英] Is there a way for a Java app to gain root permissions?
问题描述
当运行 Files.walk(Paths.get(/ var /))。count()作为非特权用户时,执行可能会抛出异常是 / var / 中的文件夹,需要遍历root权限。
我 不 寻找以root身份执行bash命令的方法(例如 sudo find / var ),使用 Process 等。
我只想确保 Files.walk(Paths.get(/ var /) ).count()不会抛出 AccessDeniedException :
线程中的异常restartedMainjava.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0
at sun.reflect.NativeMethodAccessorImpl.invoke
at sun.reflect .DelegatingMethodAccessorImpl.invoke
at java.lang.reflect.Method.invoke
at org.springframework.boot.devtools.restart.RestartLauncher.run
引起:java.io.UncheckedIOException:java .nio.fi le.AccessDeniedException:/ var / cache / httpd
at java.nio.file.FileTreeIterator.fetchNextIfNeeded
at java.nio.file.FileTreeIterator.hasNext
at java.util.Iterator.forEachRemaining
at java.util.Spliterators $ IteratorSpliterator.forEachRemaining
at java.util.stream.AbstractPipeline.copyInto
at java.util.stream.AbstractPipeline.wrapAndCopyInto
at java.util .stream.ReduceOps $ ReduceOp.evaluateSequential
java.util.stream.AbstractPipeline.evaluate
at java.util.stream.LongPipeline.reduce
at java.util.stream.LongPipeline.sum
at java.util.stream.ReferencePipeline.count
at com.example.DemoApplication.main
... 5 more
引起:java.nio.file.AccessDeniedException: / var / cache / httpd
at sun.nio.fs.UnixException.translateToIOException
at sun.nio.fs.UnixException.rethrowAsIOException
at sun.nio.fs.UnixException.rethrowAsIOException
at sun.nio.fs.Unix FileSystemProvider.newDirectoryStream
at java.nio.file.Files.newDirectoryStream
at java.nio.file.FileTreeWalker.visit
at java.nio.file.FileTreeWalker.next
at java.nio.file.FileTreeIterator.fetchNextIfNeeded
这只是一个例子。使用 filter(...)可以解决异常问题。但是这个例子也可以扩展到其他用例。
所以简而言之这是否可能,对于CLI,JavaFX等应用程序获得root权限后已经通过 java -jar app.jar ?
如果你想要的实际上是跳过你无法访问的路径,你有两种方法:
Streams
在这个问题的答案中解释了如何获取您可以访问的子树的所有文件的流。
但是这个例子也可以扩展到其他用例。
FileVisitor
使用 FileVisitor 添加了大量代码,但在行走目录时可以更灵活树木。要解决同样的问题,你可以用以下代码替换 Files.walk():
Files.walkFileTree(Path start,FileVisitor<?super path> visitor);
扩展SimpleFileVisitor(计算文件)并覆盖某些方法。
您可以:
- 覆盖
visitFileFailed方法,处理案例由于某些原因你无法访问文件; (Lukasz_Plawny的建议) - (可选)覆盖
preVisitDirectory方法,在访问目录之前检查权限:如果无法访问它,您可以简单地跳过它的子树(请记住,您可以访问目录,但不能访问其所有文件);
例如1
@Override
public FileVisitResult visitFileFailed(Path file,IOException exc){
//你可以记录异常'exc'
返回FileVisitResult.SKIP_SUBTREE;
}
例如。 2
@Override
public FileVisitResult preVisitDirectory(Path dir,BasicFileAttributes attrs){
if(!Files.isReadable(dir))
返回FileVisitResult.SKIP_SUBTREE;
返回FileVisitResult.CONTINUE;
}
< a href =https://docs.oracle.com/javase/tutorial/essential/io/walk.html =nofollow noreferrer> FileVisitor教程
希望它有所帮助。
When running Files.walk(Paths.get("/var/")).count() as an unprivileged user, the execution might throw an exception as there are folders inside /var/ that need root permission to be traversed.
I am not looking for a way to execute a bash command as root (e.g. sudo find /var), using Process, etc.
I just want to make sure Files.walk(Paths.get("/var/")).count() does not throw an AccessDeniedException:
Exception in thread "restartedMain" java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0
at sun.reflect.NativeMethodAccessorImpl.invoke
at sun.reflect.DelegatingMethodAccessorImpl.invoke
at java.lang.reflect.Method.invoke
at org.springframework.boot.devtools.restart.RestartLauncher.run
Caused by: java.io.UncheckedIOException: java.nio.file.AccessDeniedException: /var/cache/httpd
at java.nio.file.FileTreeIterator.fetchNextIfNeeded
at java.nio.file.FileTreeIterator.hasNext
at java.util.Iterator.forEachRemaining
at java.util.Spliterators$IteratorSpliterator.forEachRemaining
at java.util.stream.AbstractPipeline.copyInto
at java.util.stream.AbstractPipeline.wrapAndCopyInto
at java.util.stream.ReduceOps$ReduceOp.evaluateSequential
at java.util.stream.AbstractPipeline.evaluate
at java.util.stream.LongPipeline.reduce
at java.util.stream.LongPipeline.sum
at java.util.stream.ReferencePipeline.count
at com.example.DemoApplication.main
... 5 more
Caused by: java.nio.file.AccessDeniedException: /var/cache/httpd
at sun.nio.fs.UnixException.translateToIOException
at sun.nio.fs.UnixException.rethrowAsIOException
at sun.nio.fs.UnixException.rethrowAsIOException
at sun.nio.fs.UnixFileSystemProvider.newDirectoryStream
at java.nio.file.Files.newDirectoryStream
at java.nio.file.FileTreeWalker.visit
at java.nio.file.FileTreeWalker.next
at java.nio.file.FileTreeIterator.fetchNextIfNeeded
This is just an example. Using filter(...) it is possible to work around the exception. But this example can be expanded to other use cases too.
So in short Is this possible at all, for CLI, JavaFX, etc. apps to gain root permission after they have been executed from command line via a method such as java -jar app.jar?
If what you want is actually skipping the paths where you have no access, you have two approaches:
Streams
In the answer to this question it is explained how to obtain the stream of all files of a subtree you can access.
But this example can be expanded to other use cases too.
FileVisitor
Using a FileVisitor adds a lot of code, but grants you much more flexibility when walking directory trees. To solve the same problem you can replace Files.walk() with:
Files.walkFileTree(Path start, FileVisitor<? super Path> visitor);
extending SimpleFileVisitor (to count the files) and overriding some methods.
You can:
- Override the
visitFileFailedmethod, to handle the case you cannot access a file for some reasons; (Lukasz_Plawny's advice) - (optional) Override the
preVisitDirectorymethod, checking for permissions before accessing the directory: if you can't access it, you can simply skip its subtree (keep in mind that you may be able to access a directory, but not all its files);
e.g. 1
@Override
public FileVisitResult visitFileFailed(Path file, IOException exc) {
// you can log the exception 'exc'
return FileVisitResult.SKIP_SUBTREE;
}
e.g. 2
@Override
public FileVisitResult preVisitDirectory(Path dir, BasicFileAttributes attrs) {
if(!Files.isReadable(dir))
return FileVisitResult.SKIP_SUBTREE;
return FileVisitResult.CONTINUE;
}
Hope it helps.
这篇关于Java应用程序是否有获得root权限的方法?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
