什么权限必须被授予小程序写入临时文件? [英] What permissions must be granted for applets to write temporary files?
问题描述
我们正在开发的小程序,需要它能够读/写在用户的临时文件目录下的文件(例如C:\\的Documents and Settings \\用户名\\本地设置的\\ Temp)。
We're developing an applet and need it to be able to read/write files in the user's temporary files directory (e.g. C:\Documents and Settings\USERNAME\Local Settings\Temp).
小程序签订后,用户点击小程序启动时的允许选项,并在Java控制面板上有允许用户授予权限的签名内容和允许用户从一个不受信任的权威的内容授予权限启用。
The applet is signed, the user clicks the 'allow' option on applet startup, and the Java Control Panel has "Allow user to grant permissions to signed content" and "Allow user to grant permissions to content from an untrusted authority" enabled.
然而,在启动时,我们得到一个SecurityException:
However, on startup, we get a SecurityException:
java.lang.SecurityException: Unable to create temporary file
at java.io.File.checkAndCreate(Unknown Source)
at java.io.File.createTempFile(Unknown Source)
at java.io.File.createTempFile(Unknown Source)
at com.jniwrapper.util.AppletHelper.b(SourceFile:104)
at com.jniwrapper.util.AppletHelper.a(SourceFile:79)
at com.jniwrapper.util.AppletHelper.b(SourceFile:50)
at com.jniwrapper.util.AppletHelper.init(SourceFile:122)
at com.x.Y.init(Y.java:31)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Exception: java.lang.SecurityException: Unable to create temporary file
如果我们编辑java.policy文件授予所有的一切,则小程序工作正常,但这个显然是不安全的。我们必须给予什么最小权限,允许小程序在用户的临时文件目录的读/写/创建文件?
If we edit the java.policy file to grant all to everything then the applet works OK but this is clearly insecure. What minimal permissions must we grant to allow the applet to read/write/create files in the user's temporary files directory?
推荐答案
使用策略文件进行测试还挺不错,但授予文件权限时,你不应该依赖于它为你完成code,特别是它是危险的。
Using the policy file is kinda ok for testing but you should not be relying on it for your finished code, especially when granting a file permission, it is dangerous.
要与你需要做以下的文件交互。
To interact with files you need to do the following.
-
登录您的罐子 - 吨教程如这个,你可以做签署一个自我。
Sign your jar - tons of tutorials like this, you can just do a self signed one.
添加文件的创建code到这里特权块就是一个例子。
Add the file creation code to a privileged block here is an example
File myFile = (File) AccessController.doPrivileged(new PrivilegedAction() {
public Object run()
{
return new File("C:\\MyFolder\\MyFile");
}
});
这篇关于什么权限必须被授予小程序写入临时文件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
