Forum Stats

  • 3,855,546 Users
  • 2,264,521 Discussions
  • 7,906,059 Comments

Discussions

consequence of giving Allpermission in java.policy It's very urgent please

843811
843811 Member Posts: 49,851 Green Ribbon
Hi all
I would be grateful if u provide answer to this query.


- Are there any implications of the modification that we make in java.policy
One of the software works only when it is given all permission which i am installing
I am worried as to this should not leave any holes in the security.

Thus we have few basic questions:
- Why are we making this change to java.policy file? - The change apparently means that we are giving all permissions to all
java programs. Is that right?
- Alternatively can we use grant codeBase construct in the java.policy file

Comments

  • 843811
    843811 Member Posts: 49,851 Green Ribbon

    I always use the following on my local intranet:

    grant codeBase "http://myLocalSever/mySecureDirectory/-" {
    permission java.security.AllPermission;
    };


    This ensures that ONLY java programs run from the 'mySecureDirectory' directory on 'myLocalServer' are given the privilege of using all permissions.

    Using this method, all java programs from other directories and servers, on both INTERnet and INTRAnet should still be subjected to your browser's standard security checks.



    Nick
This discussion has been closed.