Date: Tue, 11 Aug 1998 18:03:55 -0700 (PDT)
From: schemers@Eng
To: "Ralph G. Puga" <puga@tis.com>
Subject: Re: jdk1.2beta3/4 changes in codeBase interpretation for permissions
In-Reply-To: <35D091C8.492C0539@tis.com>
<13776.35449.207175.234684@crypto.eng.sun.com>
ok, I think we've we tracked it down. It turns out that the change Jan
and I mentioned (i.e., "file:/-") was implemented for FCS, not beta4,
so it doesn't apply to your problem. It looks like there is a bug in
the policy parser that attempts to canonicalize path names in file:
URLs. For "file:/" it actually canonicalizes it to "file://", thus the
permission is not granted. The workaround is to either specify just
"file:" or a directory along with "file:" such as "file:/home". For
example, the following should work:
grant codebase "file:" { ... };
In 1.2 FCS using "file:/-" will work. Note that in
general granting AllPermission to anything from "file:" can be
dangerous. It might be better to be more explicit like:
grant codebase "file:${myapp.home}/" { ... };
And then start up your application like:
java -Dmyapp.home=/home/user/classes ...
thanks, roland