aspose file tools*
The moose likes Other JSE/JEE APIs and the fly likes Preferences API - is importPreferences() a security problem? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Other JSE/JEE APIs
Bookmark "Preferences API - is importPreferences() a security problem?" Watch "Preferences API - is importPreferences() a security problem?" New topic
Author

Preferences API - is importPreferences() a security problem?

Ed Ewing
Greenhorn

Joined: Aug 30, 2005
Posts: 29
In an application I've worked on, we let users export preferences (colors and such) from the java preferences system to an xml file and later re-import those preferences. This is mostly useful for users who want to transfer prefs from one machine to another.

Exporting is done by Preferences.exportSubtree(OutputStream).

This exports only the preferences from the sub-node used by our program.

Importing uses Preferences.import(InputStream).

This works fine. But I'm worried that this could be abused. There is nothing preventing the user from importing preferences that would affect the way some OTHER java program runs.

Say that I work for a company called "Clamazon". My preferences are stored (by convention) under "com/clamazon". I can easily restrict my export so that I am only exporting preferences stored under "com/clamazon". But if a malicious users alters the xml file, they could then cause the import to affect preferences under any preferences node they wish, such as "org/mozilla/firefox". Assuming that Firefox was a Java program and that it actually stored information in "org/mozilla/firefox", this could then affect they way Firefox behaved.

Since Java is normally such a safe language, this apparent security hole bothers me.

Should I simply not worry about this, since nothing important should be stored in java preferences? Or should I try to build some system to pre-process the input stream to remove anything outside of the "/com/clamazon" node before sending the input stream on to Preferences.import() ?
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Preferences API - is importPreferences() a security problem?