Message-Id: <199904200144.SAA13859@laguna.eng.sun.com>
Date: Mon, 19 Apr 1999 18:44:40 -0700 (PDT)
From: Jan Luehe <luehe@laguna.eng.sun.com>
Subject: Re: Loading a JAR file in a Parent DirectoryIn
To: java-security@java.sun.com, jiroibuki@geocities.com
> With JDK 1.1, a JAR file StepTest.zip stored in the parent directory
> can be read with an ARCHIVE clause in the APPLET tag specified as
>
> <APPLET CODE = "QuickSortHApp.class" ARCHIVE = "../StepTest.zip" ...
>
> However, this ARCHIVE clause causes an error with JDK 1.2:
>
> java.security.AccessControlException: access denied
> (java.io.FilePermission
> /nfs/stak/a4/classes/cs/minoura/cs162/javaProgs1.2/StepTest.zip read)
> . . .
> at java.security.AccessController.checkPermission(Compiled Code)
> at java.lang.SecurityManager.checkPermission(Compiled Code)
> at java.net.URLClassLoader$3.run(URLClassLoader.java:403)
> . . .
>
> I could not find any description on this topic on Tutorial Web pages.
See javadocs for java.net.URLClassLoader.getPermissions():
/**
* Returns the permissions for the given codesource object.
* The implementation of this method first calls super.getPermissions,
* to get the permissions
* granted by the policy, and then adds additional permissions
* based on the URL of the codesource.
* <p>
* If the protocol is "file"
* and the path specifies a file, then permission to read that
* file is granted. If protocol is "file" and the path is
* a directory, permission is granted to read all files
* and (recursively) all files and subdirectories contained in
* that directory.
* <p>
* If the protocol is not "file", then
* to connect to and accept connections from the URL's host is granted.
* @param codesource the codesource
* @return the permissions granted to the codesource
*/
Jan