From owner-freebsd-java@FreeBSD.ORG Mon Jan 9 13:34:50 2012
Return-Path: <owner-freebsd-java@FreeBSD.ORG>
Delivered-To: freebsd-java@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 13EF3106566C
for <freebsd-java@freebsd.org>; Mon, 9 Jan 2012 13:34:50 +0000 (UTC)
(envelope-from achill@smadev.internal.net)
Received: from smadev.internal.net (adsltrust.ath.forthnet.gr
[194.219.204.174])
by mx1.freebsd.org (Postfix) with ESMTP id 237188FC0C
for <freebsd-java@freebsd.org>; Mon, 9 Jan 2012 13:34:48 +0000 (UTC)
Received: from smadev.internal.net (localhost [127.0.0.1])
by smadev.internal.net (8.14.4/8.14.4) with ESMTP id q09DYkQx076252
for <freebsd-java@freebsd.org>; Mon, 9 Jan 2012 15:34:46 +0200 (EET)
(envelope-from achill@smadev.internal.net)
Received: (from achill@localhost)
by smadev.internal.net (8.14.4/8.14.4/Submit) id q09DYkek076251
for freebsd-java@freebsd.org; Mon, 9 Jan 2012 15:34:46 +0200 (EET)
(envelope-from achill@smadev.internal.net)
From: Achilleas Mantzios <achill@smadev.internal.net>
Organization: Dynacom Tankers Mgmt
To: freebsd-java@freebsd.org
Date: Mon, 9 Jan 2012 15:34:46 +0200
User-Agent: KMail/1.13.7 (FreeBSD/8.2-RELEASE-p3; KDE/4.7.3; amd64; ; )
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-Id: <201201091534.46341.achill@smadev.internal.net>
Subject: applet security issue
X-BeenThere: freebsd-java@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Porting Java to FreeBSD <freebsd-java.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-java>,
<mailto:freebsd-java-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-java>
List-Post: <mailto:freebsd-java@freebsd.org>
List-Help: <mailto:freebsd-java-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-java>,
<mailto:freebsd-java-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Jan 2012 13:34:50 -0000
Hello java freebsd-ers!
After struggling for hours in order to even see the digital signature security
window appearing for my applet (and i did a lot of things, bundling all libs
in one jar, re-signing, etc...)
i got to the point where the applet starts, but then gives me a :
java.security.AccessControlException: access denied (java.io.FilePermission
/usr/local/jboss-6.0.0.Final/paidia2.jpg read)
the stack trace is like :
java.security.AccessControlException: access denied (java.io.FilePermission
/usr/local/jboss-6.0.0.Final/paidia2.jpg read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:393)
at
java.security.AccessController.checkPermission(AccessController.java:553)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at
net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkPermission(JNLPSecurityManager.java:284)
at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
at java.io.File.isFile(File.java:793)
at
org.apache.commons.httpclient.methods.multipart.FilePartSource.<init>(FilePartSource.java:67)
at
org.apache.commons.httpclient.methods.multipart.FilePartSource.<init>(FilePartSource.java:88)
at
org.apache.commons.httpclient.methods.multipart.FilePart.<init>(FilePart.java:178)
at
com.gatewaynet.web.applets.PhotoJApplet.actionPerformed(PhotoJApplet.java:285)
PhotoJApplet.java:285 reads :
FilePart filePart = new
FilePart(thisfile.getName(),thisfile.getName(),thisfile,"image/jpeg",null);
The funny thing is that the very same signed applet reads the contents of the
/usr/local/jboss-6.0.0.Final/ without problem:
String fname=imgPath + "/"+photos[i].filename;
ImageIcon icon = new ImageIcon(fname);
Its only when the IO is called from within apache's httpclient that i get the
problem.
(pls do not get confused, here jboss wears the hat of the dummy firefox user,
nothing j2ee involved!)
Any info would be great.
--
Achilleas Mantzios
IT DEPT