[英]How to restrict read and write permissions of Java Application
Currently I am creating a playground for a programming language (pl).目前我正在为编程语言(pl)创建一个游乐场。 The code entered in the playground is remotly executed on a server.
在 Playground 中输入的代码在服务器上远程执行。
The pl runs in the Java VM and is executed in a docker container. pl 在 Java VM 中运行并在 docker 容器中执行。 Since you can read and write to files in the pl I need to take away these permissions from the Java application that executes the code.
由于您可以读取和写入 pl 中的文件,因此我需要从执行代码的 Java 应用程序中取消这些权限。
I am executing the Java app like this:我正在执行这样的 Java 应用程序:
java -cp path/to/app.jar "app.package.main" -x "place code here"
How can I remove the read and write permissions from a Java application?如何从 Java 应用程序中删除读写权限?
You need to provide a custom Security Manager configuration as a parameter:您需要提供自定义安全管理器配置作为参数:
java -Djava.security.manager
BUT: this does not mean the program will work, because if something is forbidden an但是:这并不意味着该程序将起作用,因为如果某事被禁止
AccessControlException
访问控制异常
is thrown and the program will crash, or at least (most likely) behave differently.被抛出并且程序将崩溃,或者至少(最有可能)表现不同。
See this tutorial: https://docs.oracle.com/javase/tutorial/security/tour2/step2.html请参阅本教程: https : //docs.oracle.com/javase/tutorial/security/tour2/step2.html
The better solution is probably to get the code and alter it to fit your needs (only if the licensing allows this of course).更好的解决方案可能是获取代码并对其进行更改以满足您的需要(当然,前提是许可允许这样做)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.