Date: Wed, 12 Aug 1998 08:58:11 -0400
From: "Ralph G. Puga" <puga@tis.com>
To: schemers@Eng
Subject: Re: jdk1.2beta3/4 changes in codeBase interpretation for permissions
Thanks for all your help. I was beginning to think that we were going
crazy. I will implement my policy file in the of the ways that you
suggested and wait for the FCS for the other alternative.
Thanks,
--Ralph P.
schemers@Eng.Sun.COM wrote:
> ok, I think we've we tracked it down. It turns out that the change Jan
> and I mentioned (i.e., "file:/-") was implemented for FCS, not beta4,
> so it doesn't apply to your problem. It looks like there is a bug in
> the policy parser that attempts to canonicalize path names in file:
> URLs. For "file:/" it actually canonicalizes it to "file://", thus the
> permission is not granted. The workaround is to either specify just
> "file:" or a directory along with "file:" such as "file:/home". For
> example, the following should work:
>
> grant codebase "file:" { ... };
>
> In 1.2 FCS using "file:/-" will work. Note that in
> general granting AllPermission to anything from "file:" can be
> dangerous. It might be better to be more explicit like:
>
> grant codebase "file:${myapp.home}/" { ... };
>
> And then start up your application like:
>
> java -Dmyapp.home=/home/user/classes ...
>
> thanks, roland
>
-- Ralph G. Puga puga@tis.com TIS Labs/Network Associates Inc. Washington (301) 854-5323 3060 Washington Road (Voice) Baltimore (410) 442-1673 (x323) Glenwood, MD 21738 FAX (301) 854-5363