0

I have simple web server and i'm running it in /myHome/serverHome directory. All code(classes) running on my JVM can read files in /myHome/serverHome and its sub directories. But i want to limit file reads of myHome/serverHome/conf directory to only signed code. If i used java security manager it allows all code to read all files in sub directories. Is there any way we can block this. Any help appriciate.

Thanks.

sanjeewa.190
  • 360
  • 2
  • 8
  • I am not clear what you are trying to block. You can access the directory using a web browser, or a program without your security manager. The SecurityMaanager is for protecting your local system from malicous code from a server. Its not for protecting the server from itself. – Peter Lawrey Jul 26 '14 at 02:02
  • Hi peter, Thanks for your response. When we run webserver 3rd party users may allow to deploy their web applications inside server. Those apps may have malicious code. Then they will allow to read config files of the server. That is What i'm trying to do is block it by using security manager. – sanjeewa.190 Jul 27 '14 at 19:45
  • This is what a SecurityManager is for. You can configure the SecurityManager or create your own to limit what the application can do locally. – Peter Lawrey Jul 28 '14 at 14:32

0 Answers0