This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Applets and the fly likes Applets and UNIX File permissions Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Applets
Bookmark "Applets and UNIX File permissions" Watch "Applets and UNIX File permissions" New topic
Author

Applets and UNIX File permissions

Fred Hamilton
Ranch Hand

Joined: May 13, 2009
Posts: 679
Greetings.

there is a lot of good info out there about how to set file and directory permissions, but it is not at all clear on what are the minimum permissions required for people to run my applet without giving them any unneeded access.

On the web server all my class files, and the application fie, are in a subdirectory of public_html. I was hoping that someone who has been around the block a few times with file and directory permissions and java applets could advise me on the minimum required file and directory permissions. Presumably I only need to be concerned about the third component of the set, the world permissions.

Do I need different permission on the html file that loads the JApplet class? or different permission on the JApplet class itself as opposed to the rest of the classes?

I have no problem getting things to work with the default pemissions, but I am interested in tightening things up if possible. I suppose I could just try different settings to find the minimum that worked, but I'd like to hear from someone here also.

thanks.
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18541
    
    8

You are asking about the files on the server machine, from where people will download your applet? You just need the permissions set so that the HTTP server can read those files.

The only access that clients need is the ability to send HTTP requests to the server asking for those files. They don't need any file permissions at all, since it's the HTTP server which is going to read the files and send them back to the clients as the responses.

Or am I misunderstanding the question? I've looked at it four times already and wondered why you would ask that.
Fred Hamilton
Ranch Hand

Joined: May 13, 2009
Posts: 679
Paul Clapham wrote:You are asking about the files on the server machine, from where people will download your applet? You just need the permissions set so that the HTTP server can read those files.

The only access that clients need is the ability to send HTTP requests to the server asking for those files. They don't need any file permissions at all, since it's the HTTP server which is going to read the files and send them back to the clients as the responses.

Or am I misunderstanding the question? I've looked at it four times already and wondered why you would ask that.


Fair question.

What I do know is that I have an account with a Web Hosting company, which provides me with a home directory on a UNIX server over which I have control over what access I give to various subdirectories that contain my application files. The server assigns a default set of permissions to all new directories I create and the files contained therein. And I am looking for information on the implications of the various permissions I have control over, especially world permissions.

There are three sets of permissions User, group, and world, and three access types read, write, execute. And I am looking for detailed information on the relevance of these permissions to java applets.
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18541
    
    8

Fred Hamilton wrote:And I am looking for detailed information on the relevance of these permissions to java applets.


Well, like I said there isn't any detailed information because there's nothing special about applets. As far as the server is concerned they are just another file being served.
Fred Hamilton
Ranch Hand

Joined: May 13, 2009
Posts: 679
That makes clear enough sense. It would seem that the same rules apply to java class files that apply to html source. OK then lets rephrase the question...

When a web server serves up an html document, in most cases at the client end the user can "get" the html source simply by clicking "View Source". So I am wondering if a knowledgeable user at the client end , if there was a reason too, could "grab" the java class file by virtue of the fact that it is being served up by the web server?
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41135
    
  45
Fred Hamilton wrote:When a web server serves up an html document, in most cases at the client end the user can "get" the html source simply by clicking "View Source". So I am wondering if a knowledgeable user at the client end , if there was a reason too, could "grab" the java class file by virtue of the fact that it is being served up by the web server?

Yes, the end user can do that, and there's nothing you can do to prevent it. After all, the client's browser (or rather, the client browser's JVM) needs to be able to access those class files in order to run the applet.


Ping & DNS - my free Android networking tools app
 
Consider Paul's rocket mass heater.
 
subject: Applets and UNIX File permissions
 
Similar Threads
Java2 Security Permissions
RAD - WAS6 Admin Console -Error page exception
help!!! java.security.access controlException
getImageIcon() : how does it work?
java.security file policy setting not working...