Fine Grained Security Impossible Without Pushing Policy File?
Is this true? My hunch is that it is...
There is no way to grant specific (fine grained) access privileges to an applet in a signed jar which is to run in the Java PlugIn (any version) **without** pushing a policy file for the user to install.
My dream is: use a policy file when the jar is being signed so that the plug in recognizes it and only allows it those specific privileges (sorta like the M$ tool with the permissions .ini file).
My reason is: I have absolutely no right (because of business requirements) to ask the users to perform any manual operations. AND... I feel dirty taking the full access that's given when the user accepts the signed jar. I mean, I'll do it if I have to, but I (and they) would feel more comfortable if I didn't.
Is my hunch correct or did I miss something?
What makes you think that it is an absolute requirement to change policy?
I'm not sure if this is what you mean but .... we are deploying in an internet/extranet environment. Our Client Services department won't allow us to require users to perform manual import of certificates, policy files, etc.
So, if you are deploying for JavaPlugin and JRE 1.3.1+ you can use self-signed certificates. If you have a certificate from a trusted CA, you can deploy for JavaPlugin and JRE 1.2.1+. In both cases you don't need to change local policy files.
I'm ok with that. I've got the signing done, etc. I know that that gives me permission to do just about anything I can do in a stand alone app.
What my real concern is.... I feel guilty asking for (and taking) all permissions on the local machine.
So... what I'd like to do is get fine-grained access to only the permissions I really need (reading files and opening a socket to a different server than the one that served up the applet).
And... all of this without forcing the user to manually import a policy file.
As I said originally, I have a hunch that this isn't possible (or else I'd have found it somewhere in the many, many sites, books and forum topics I've read).
Well, it is not your fault, but how the default permission is defined after JavaPlugin installation.
> What my real concern is.... I feel guilty asking for
> (and taking) all permissions on the local
> machine.
>
> So... what I'd like to do is get fine-grained access
> to only the permissions I really need (reading
> files and opening a socket to a different server than
> the one that served up the applet).
I hope that there is another possibility. So, you can obtain all permissions and then use them to specify exactly what permissions you need by using Policy.setPolicy() and passing your concrete Policy implementation in there. :-)
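An added sketch of the Policy.setPolicy() approach suggested in the post above (not code from any participant in this thread), written against the java.security.Policy API as it exists in Java 8. The class name NarrowPolicy, the directory, the host names and the jar URL are hypothetical placeholders; code sources other than the confined one are delegated to the policy that was in force before the swap.

```java
import java.io.FilePermission;
import java.net.SocketPermission;
import java.net.URL;
import java.security.*;
import java.security.cert.Certificate;

/** Confines one code source to a fixed permission list; all other code keeps the old policy. */
public final class NarrowPolicy extends Policy {
    // Hypothetical values: the directory and server this applet really needs.
    static final String DATA_DIR = "/example/appdata/-";      // trailing "-" = recursive
    static final String BACKEND  = "backend.example.com:443";

    private final Policy previous;       // policy in force before the swap
    private final CodeSource confined;   // code source of the signed applet jar

    NarrowPolicy(Policy previous, CodeSource confined) { this.previous = previous; this.confined = confined; }

    private static Permissions allowed() {   // fresh, mutable collection on every call
        Permissions p = new Permissions();
        p.add(new FilePermission(DATA_DIR, "read"));
        p.add(new SocketPermission(BACKEND, "connect,resolve"));
        return p;
    }

    @Override public PermissionCollection getPermissions(CodeSource cs) {
        return confined.equals(cs) ? allowed() : previous.getPermissions(cs);
    }

    @Override public boolean implies(ProtectionDomain pd, Permission perm) {
        return confined.equals(pd.getCodeSource())
                ? allowed().implies(perm)
                : previous.implies(pd, perm);
    }

    /** Call once at the top of Applet.init(); needs SecurityPermission "setPolicy". */
    static void install(Class<?> appletClass) {
        CodeSource cs = appletClass.getProtectionDomain().getCodeSource();
        Policy.setPolicy(new NarrowPolicy(Policy.getPolicy(), cs));
    }

    public static void main(String[] args) throws Exception {   // constructed demo, no policy swap
        CodeSource cs = new CodeSource(new URL("http://www.example.com/applet.jar"), (Certificate[]) null);
        ProtectionDomain pd = new ProtectionDomain(cs, null, null, null);
        Policy p = new NarrowPolicy(Policy.getPolicy(), cs);
        // Read under DATA_DIR, write to the same file, a socket to another host and port, a second policy swap.
        System.out.println(p.implies(pd, new FilePermission("/example/appdata/in.txt", "read")));
        System.out.println(p.implies(pd, new FilePermission("/example/appdata/in.txt", "write")));
        System.out.println(p.implies(pd, new SocketPermission("other.example.org:80", "connect")));
        System.out.println(p.implies(pd, new SecurityPermission("setPolicy")));
    }
}
```

A Policy swap changes only what the policy grants: permissions that a class loader bound statically to a ProtectionDomain when it defined the class stay in effect, so the result has to be checked under the actual Plug-in with a SecurityManager active.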
Yes, we saw that idea come up in other places too. It seems to fall in the "what's the point" category -- give me all permissions and trust me to take away the ones I don't need. It's like sending a bum away with $50 for a cup of coffee and expecting him to come back with the change.
I've come to the conclusion (with good reason - especially the silence on this thread) that what I want to do just can't be done. I may even get around to submitting an enhancement request.
Thanks for your help, euxx.... I appreciate your willingness to interact with me on this. I'll give you the $duke$.
> Yes, we saw that idea come up in other places too. It
> seems to fall in the "what's the point" category --
> give me all permissions and trust me to take away the
> ones I don't need. It's like sending a bum away with
> $50 for a cup of coffee and expecting him to come back
> with the change.
Not exactly. Because it is a problem of JavaPlugin who gave you $50, but not you. :-)
> Thanks for your help, euxx.... I appreciate your
> willingness to interact with me on this. I'll give
> you the $duke$.
Thanks to you.
zwiersj, Curious to know if you ever did manage to get a definitive answer on this one. I'm also having the same problem.
I've been researching this quite a bit as well. So far I've come across this site but haven't been able to get it to work without a purchased trusted certificate. I'm using a self-signed test certificate: http://forum.java.sun.com/thread.jsp?forum=63&thread=197092
It also looks as if you can use Netscape and IE's signing tools to request the level of security you need:
http://www.suitable.com/CodeSigningBoth.shtml
http://www.suitable.com/CodeSigningLinks.shtml
http://www.suitable.com/CodeSigningCerts.shtml
http://www.suitable.com/CodeSigningSignNav.shtml
http://www.suitable.com/CodeSigningSignExp.shtml
I would like to ask permission to read from file x or write to file y.
Otherwise, I'm in the same boat as you are. Apparently no one knows or is offering details.
I'll post if I find the way. Keep us informed of your progress.