now if a file in the client directory is trying to access a file in the server directory, shouldn't it be prevented from doing so since I'm not explicitly letting it access the file system?
That depends on the security manager being used by the client. If this is a desktop application then by default no security manager is active, and the application can do what it wants.
Joined: Jan 04, 2005
Well, both the server and the client install the security manager in their main methods... and they have access to the same policy file! (I know i can seperate them, but for simplicity i'm leaving it like that, especially that i'm not granting either more than the other!)
but why would it depend on the client? the client file will be running inside the server's compute engine (i.e. the server will download the file into its VM), which means the policy implemented by the server should control what the client can access?
I dont know if i'm making any sense?
Thanks a lot
Joined: Mar 22, 2005
Now I'm confused. Didn't you earlier say that the client and the server run in different JVMs?
Joined: Jan 04, 2005
Well they start on different machines!
I shouldnt have said that , because the main intereste is in what happens when the server runs the client code!
H Melua: because the main intereste is in what happens when the server runs the client code!
Its strange that this sounds interesting to you. I dont have any idea what are you trying to do, but, if your server is running client code then there is something hopelessly wrong in your design/terminology.
Regarding the permissions, are you specifying an "additional" policy file using the VM parameter: java.security.policy
If this is the case, then have you provided some permissions in the default java policy file to all codebases?
What is it that you expect to fail and it is not failing? Can you provide us the code that you expect to fail?
I said my main interest, or what I'm interested in knowing... or i have to know!!
You see its an RMI program, the server is a compute engine that performs Task computation for clients, and so if we want to find two very large prime numbers, we often cant use the regular computers since they aren't powerful enough! So we make a powerful machine do the work for us and send the results back...
I'm using the default Java.policy in my user directory, just editing that one.. and no i didnt change the default one at all other than the few statements i quoted in my first post...
One of the tasks which originates from the client directory attempts to access the file system, and since I only gave the codebase in that directory to access the network, i thought it should have failed accessing anything else! (i.e. the file system!)