Java 策略设置不适用于 FilePermission
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/11229345/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Java policy settings not working for FilePermission
提问by northpole
Our Java policy file used to just be:
我们的 Java 策略文件曾经只是:
grant {
permission java.security.AllPermission;
};
I am trying to make our application more secure than just granting everything to everyone. I have it working well except I am having troubles giving permission to files.
我正在努力使我们的应用程序更安全,而不仅仅是将一切授予每个人。除了我在授予文件权限时遇到问题之外,它运行良好。
The error I currently get is:
我目前得到的错误是:
java.security.AccessControlException: access denied (java.io.FilePermission \server.log write)
I have tried so many combinations of things, such as:
我尝试了很多东西的组合,例如:
permission java.io.FilePermission "\\server.log", "write";
permission java.io.FilePermission "C:\Temp\logs\server.log", "write";
permission java.io.FilePermission "\server.log", "write";
permission java.io.FilePermission "${TEMP}${/}-", "write";
permission java.io.FilePermission "*", "read,write";
The only thing I can get it to work is using:
我可以让它工作的唯一方法是使用:
grant {
permission java.security.AllPermission;
};
I get the error "java.io.FileNotFoundException: \server.log (The filename, directory name, or volume label syntax is incorrect)" when using (even when the files do exist):
使用时出现错误“java.io.FileNotFoundException:\server.log(文件名、目录名或卷标语法不正确)”(即使文件确实存在):
permission java.io.FilePermission "<<ALL FILES>>", "write";
Just wondering if anyone had any other ideas to try. I don't really want to have to resort to granting all just to get the file permissions right, obviously I am missing something.
只是想知道是否有人有任何其他想法可以尝试。我真的不想为了获得正确的文件权限而诉诸于授予所有权限,显然我错过了一些东西。
EDIT:
编辑:
I just realized that maybe this is a clue in the log file:
我刚刚意识到这可能是日志文件中的一个线索:
log4j:ERROR setFile(null,false) call failed.
Maybe I need some permissions for this specifically? Digging around Google now....
也许我特别需要一些权限?现在在谷歌周围挖掘......
回答by Marcus Vinicius
In Oracle documentation have some examples: https://docs.oracle.com/javase/8/docs/technotes/guides/security/spec/security-spec.doc3.html
在 Oracle 文档中有一些示例:https: //docs.oracle.com/javase/8/docs/technotes/guides/security/spec/security-spec.doc3.html
permission java.io.FilePermission "myfile", "read,write";
permission java.io.FilePermission "/home/gong/", "read";
permission java.io.FilePermission "/tmp/mytmp", "read,delete";
permission java.io.FilePermission "/bin/*", "execute";
permission java.io.FilePermission "*", "read";
permission java.io.FilePermission "/-", "read,execute";
permission java.io.FilePermission "-", "read,execute";
permission java.io.FilePermission "<<ALL FILES>>", "read";
permission java.io.FilePermission "c:\temp\foo", "read,write,delete")
\this one works for me
回答by Paulo Pereira
I think the problem is because you are trying to write to a file without permission to read it.
我认为问题是因为您试图在没有读取权限的情况下写入文件。
permission java.io.FilePermission "C:\folder\*", "read, write";
回答by mazaneicha
Have you tried permission java.io.FilePermission "file:${/}server.log", "read,write"?
你试过permission java.io.FilePermission "file:${/}server.log", "read,write"吗?
